Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

DevOps at the US Patent and Trademark Office

By Katie McCaskey on July 18, 2019 devsecops
The US Patent and Trademark Office's Fee Processing Next Generation (FPNG) is an example of a government agency moving to a devops development environment.
Read More...

Nexus Intelligence Insights: CVE-2019-13354: 'strong_password' embedded malicious code, RubyGems

By Elisa Velarde on July 10, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're covering CVE-2019-13354: strong_password, an embedded malicious code vulnerability in RubyGems.
Read More...

GDPR Gets Teeth: British Airways and Marriott Fined

By Ilkka Turunen on July 09, 2019 devsecops
Fines levied at British Airways and Marriott International under GDPR show why data protection must be a central part of the software supply chain.
Read More...

Developers, Rejoice: Auto-Remediation Now Available in Eclipse, IntelliJ, and Visual Studio

By Sonal Thawani on July 08, 2019 Nexus Lifecycle
Auto-remediation makes it even easier to choose the best component right within an IDE. The CIP now automatically suggests the compliant version.
Read More...

Nexus Intelligence Insights: CVE-2018-1109-Braces Regular expression Denial of Service (ReDoS) attack

By Elisa Velarde on June 28, 2019 vulnerabilities
In this month's Nexus Intelligence Insights, we're analyzing the mechanics of the braces regular expression denial of service attack - and what you can do to stop it.
Read More...

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

By Derek Weeks on June 25, 2019 Software Supply Chain
Our 2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 OSS Dev Teams and 12,000 commercial software engineering teams.
Read More...

DevOps Culture: The Neuroscience of Behavior

By Katie McCaskey on June 18, 2019 devsecops
Helen Beal of Ranger4 takes a look at how the brain works, and what that means for cultural transformation. This is your brain on DevOps.
Read More...

OSS Endgame: Nexus Firewall as Your Shield Against Open Source Invasions

By Erik Dietrich on June 12, 2019 Nexus Firewall
Put simply, Nexus Firewall enables the heroes. Mike Van Doren walked through how to get started using it at the 2019 Nexus User Conference.
Read More...

Maturing DevOps in TD Bank

By Erik Dietrich on June 12, 2019 Devops
TD Bank has big global growth goals, but are also working toward a huge digital transformation. This combo has driven the need for organizational change toward DevOps. TD Bank shared their story at
Read More...