Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI
Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.
Read More...

Announcing GoNexus

By Joseph Stephens on August 21, 2019 Nexus Repository
GoNexus helps developers run reliable and reproducible builds. It follows our tools, Nancy, Goalie, NXRM OSS, and DepShield used in the Go community.
Read More...