Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

What is a Software Bill of Materials (SBOM)?

By Justin Reynolds on September 27, 2021 software bill of materials
A deep dive into a Software Bill of Materials with top use cases, benefits, and ways to manage.

Return on Investment in Software Composition Analysis?

By IT Central Station on August 20, 2021 Nexus Lifecycle
Having become a more standard part of the software development process, SCA is increasingly taken for granted as worth the investment, but is it?

What to Consider When Crafting Your OSS Policy

By Filipp Kofman on July 15, 2021 legal
Building a plan for using open source software in your company means less confusion and risk. A look at some of the necessities and ideals in handling freely available code.

Effective Tools for Software Composition Analysis

By IT Central Station on July 14, 2021 Nexus Lifecycle
Better developer tools for the software supply chain mean a faster, more effective team. Sonatype customers share the tools that help them move faster and with less risk.

Why High-Quality Data is Critical for Effective Software Composition Analysis

A secure software supply chain requires higher quality data. Sonatype customers share why its software composition analysis intelligence means greater confidence that real vulnerabilities will be

Katie Arrington discusses making development move at the speed of relevance

By Ryan Schradin on September 14, 2020 government
Katie Arrington, CISO for the Office of the Under Secretary of Defense for Acquisition, recently discussed DevSecOps in the federal government and how the DoD is tackling key issues.

Sonatype CEO on The Future of the Software Supply Chain

Sonatype's CEO Wayne Jackson talked about Maven, the software supply chain, and speed vs. security no longer being at odds, at the 2020 Nexus User Conference.

How to Use Gitlab-CI with Nexus

By Sudipt Sharma on August 14, 2019 Nexus Repository
Sudipt Sharma demonstrates how to establish a CI/CD pipeline using gitlab-ci and deploying artifacts to Nexus Repository.

Getting Started With Sonatype DepShield: An Introduction

By Casey Dunham on May 06, 2019 github
Sonatype’s GitHub application DepShield scans your GitHub repository and analyzes dependencies for known vulnerabilities. The best part is that it’s free!