Sonatype Selected by Equifax to Support OS Governance Press Release


Cybersecurity Improvement Act of 2017: The Ghost of Congress Past

It seems like yesterday when Representative Ed Royce proposed legislation entitled the Cyber Supply Chain Management and Transparency Act. In


How a Software Bill of Materials Uncovers Known Vulnerabilities

In two minutes, we can show you a full software bill of materials for your application. We can also identify any known vulnerabilities in the open source


[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management


Code, Cars, and Congress: A Time for Cyber Supply Chain Management

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the "Cyber Supply Chain Management


Talking Turkey in Texas: Open Source Governance Lags

Deep in the heart of Texas, I was leading a panel discussion at the Lone Star Application Security Conference (LASCON) a few weeks ago. The panel was “


42,000 Nexus Repository Managers, and Growing!

[Editor's Note: An update to this article is now available. As of February 2015, active Nexus instances have reached 50,000. For more information, please


CIO.com: Helping Developers Reduce Open Source Risk

Last week, CIO.com shared a story of an inflection point in application security. Lucian Constantin discussed how there needs to be a shift from manual


How Big is a Billion? Open Source Growth Skyrockets

How Big is a Billion?

We all remember 1997’s Austin Powers movie with Dr. Evil trying to express a really big number:
