One in Six Developers in Healthcare Report Open Source Breaches | Press Release

blog-logo Sonatype Blog

Considering Nexus Auditor? You Should, But Know These Things First

By Kadi Grigg on June 25, 2020 JIRA
Nexus Auditor, in the right use case, is a solid, cost-effective solution. Is Nexus Auditor the solution for you? Maybe, maybe not. Here's how to find out.
Read More...

Workflow Automation: Publishing Artifacts to Nexus Repository using Jenkins Pipelines

By Dmitriy Akulov on June 12, 2020 AppSec
Use Nexus Repo to create an automated workflow to build, store, organize, and monitor the compiled Maven artifacts through a CI server.
Read More...

How to Publish Docker Images on a Private Nexus Repository Using Jib Maven Plugin

By Awkash Agrawal on June 08, 2020 AppSec
Learn how to publish Docker images to a private Nexus repository with the help of the Maven Jib plugin.
Read More...

Managing Nexus API Using Jenkins X

By Steve Boardwell on March 13, 2020 jenkins
Steve Boardwell demonstrates how to create custom repositories in your Jenkins X managed Nexus server, and what is possible with the Nexus scripting API.
Read More...

Nexus Intelligence Insights CVE-2020-2100: Jenkins - UDP Amplification Reflection Attack Leading to Distributed Denial of Service (DDoS)

By Akshay 'Ax' Sharma on February 12, 2020 vulnerabilities
CVE-2020-2100 takes advantage of the fact that, by default, both UDP multicast/broadcast and DNS multicast traffic is enabled on Jenkins. Here's what to do.
Read More...

How to Publish Java Artifacts to Nexus Using Jenkins and Maven

By Daniel Hernández on February 07, 2020 Nexus Repository
In this article we are going to explore how you can publish Java artifacts (.ear, .jar, .war) to Nexus 3 using Jenkins and Maven.
Read More...

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI
Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.
Read More...

How to Deploy a Jenkins Cluster on AWS as Part of a Fully Automate CI/CD Platform

By Mohamed Labouardy on November 05, 2018 jenkins
Following his Nexus User Conference talk on how to build a fully automated CI/CD platform on AWS, using Terraform, Packer & Ansible, Mohamed Labouardy goes even deeper, discussing how to deploy a
Read More...

The Power of Data in DevSecOps

By Derek Weeks on January 28, 2018 OSS governance
Better data improves mean times to repair in DevSecOps pipelines.
Read More...