Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights: CVE-2018-16487 Lodash RCE + 'prototype' pollution

By Elisa Velarde on November 27, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering CVE-2018-16487: remote code execution and 'prototype' pollution in Lodash and how to protect against a hack of this vulnerable vector.
Read More...

Nexus Lifecycle Now Integrates with Red Hat Clair to Secure Containers Across the SDLC

By Michelle Dufty on November 25, 2019 featured
Sonatype is automating container security via an open API that makes it easy for third-party container scanners to integrate with Nexus Lifecycle - starting with Red Hat Clair.
Read More...

Vista Acquires a Majority Interest in Sonatype: A Great Day for our Customers, Partners and Community

By Wayne Jackson and Brian Fox on November 18, 2019 featured
Sonatype is excited to share that Vista Equity Partners is acquiring a majority interest in the company - meaning our journey continues alongside a powerful new strategic partner.
Read More...

Proxy a Conda Repository Using Nexus Repo

By Sable Yemane on November 15, 2019 python
Conda is popular with data scientists because they can take advantage of Python's flexibility while using existing C and Fortran models and libraries.
Read More...

Keep GitHub Dependencies Secure with Nexus Lifecycle's Automated Pull Requests

By Michelle Dufty on November 12, 2019 new features
Sonatype has long been the world’s premier provider of open source health and hygiene data. Now, it's bringing that data to GitHub with six new Nexus integrations.
Read More...

Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

By Katie McCaskey on November 07, 2019 open source governance
Sonatype ranks in Deloitte's Technology Fast 500™ for a fourth year. Recognized as a top 30 company in the D.C. area, this award follows several others.
Read More...

Sonatype Partners with All Day DevOps to Deliver the Largest DevOps Conference for 36,000

By Derek Weeks on November 05, 2019 DevOps Culture
In conjunction with All Day DevOps, Sonatype helps to educate more than 36,000 IT professionals. Join us on Nov. 6.
Read More...

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github
Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.
Read More...

How The Unicorn Project Aligns with The Phoenix Project

By Mark Miller on October 18, 2019 books
In this podcast Gene Kim, author of The Phoenix Project, discusses his new book, The Unicorn Project. Gene talks about the overlap in storylines and why he chose to speak for software developers.
Read More...