Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Read More

SHARE:

Sonatype_Blog_Logo_White
Hands holding puzzle pieces
READ MORE

Cyber-readiness and Changing Federal Government SBOM Requirements

By Cate Richards on March 27, 2023 News and Views

6 minute read time

Upcoming regulatory changes are coming to go from software transparency to better address cyber-readiness at the Federal level and beyond.
Read More...
Hand holding a gear
READ MORE

2023 Predictions: What Will Happen in Software Supply Chain Governance?

By Luke Mcbride on January 09, 2023 Software Supply Chain

8 minute read time

A look at what we're expecting in the coming year, including open source security, software supply chain attacks, regulation, DevOps, and more.
Read More...
People walking around a grid
READ MORE

Setting Boundaries: How Procurement Relates to Security (Part 1)

By Michael Griffin on August 24, 2022 News and Views

4 minute read time

Whether your organization calls it purchasing, requisition, bidding, or business operations, not managing what comes into your company can be expensive.
Read More...
Gavel with government building behind it
READ MORE

A Clear Path Forward Toward More Secure and Maintainable Open Source Software

By Brian Fox on May 13, 2022 featured

7 minute read time

Sonatype CTO shares thoughts following conversations, led by OpenSSF, where industry and government came together to discuss securing open source software.
Read More...
Women at Sonatype
READ MORE

Open Source and Diversity in Tech: Women@Sonatype

By Luke Mcbride on March 08, 2022 Women in Tech

8 minute read time

Celebrating International Women's Day (March 8), the Women@Sonatype group discusses community, recruiting, onboarding, inclusion, and beyond.
Read More...
Stylized shaking hands photo
READ MORE

Why Companies Should Contribute to Open Source – And How to Do It

By Matt Freeland on February 03, 2022 Community

7 minute read time

Your company relies on open source projects; giving back to them can reduce tech debt, accelerate innovation, and reduce your developers’ cognitive load. 
Read More...
Stylistic image of molecule chains
READ MORE

A Non-Programmer Introduction to the Software Supply Chain (Electron)

By Luke Mcbride on October 14, 2021 Software Supply Chain

3 minute read time

Connecting the larger use by the software industry of component programs to something most people have on their machine right now: The Electron Framework.
Read More...
Stylistic image of a chain
READ MORE

Software Supply Chains: An Introductory Guide

By Luke Mcbride on October 08, 2021 Open Source

8 minute read time

Take a closer look at the software supply chain, including what it contains, why it’s important, and how to protect it from vulnerabilities.
Read More...
Image of a raining cloud representing the Cloudflare critical vulnerability
READ MORE

This npm Package Could Have Brought Down Cloudflare’s Entire CDN and Millions of Websites

By Ax Sharma on July 16, 2021 vulnerabilities

5 minute read time

Cloudflare has patched a critical vulnerability in its open source content delivery network, CDNJS, that threatened the security, integrity, and availability of the wider supply chain.
Read More...