Sonatype Selected by Equifax to Support OS Governance Press Release

Struts2 Vulnerabilities: Who Is Responsible? (Video and Podcast)

By Mark Miller on September 14, 2017 Apache Struts2

Update: This article was originally published on September 14, 2017. The same day, Kevin McGrail published an article on LinkedIn, Act II: Equifax tries and

The Nexus Firewall – Perimeter Defense for Software Development

By Mike Hansen on January 25, 2017 Devops

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at

An Insider's View: Analyzing Software Supply Chains

I recently sat down for a spell with Bruce Mayhew, Director of Research and Development at Sonatype and co-author/project lead for OWASP WebGoat, to discuss

Automated Nexus Reports on Licenses, Security, and More

By Derek Weeks on August 05, 2015 nexus pro

You have been using Nexus repository managers for years, but did you know they offer a free reporting feature that details your component licenses, known

The Cost to DevOps: 27 Mufflers

By Derek Weeks on July 16, 2015 Known Vulnerabilities

Imagine that you are designing the 2016 Range Rover line of sport utility vehicles. Like all gas powered vehicles, each one needs an exhaust
