What We Learned from Studying 36,000 OSS Projects | Press Release

blog-logo Sonatype Blog

Nancy, on a Boat! (Announcing Nancy for Docker)

By DJ Schleen on October 17, 2019 Docker
Nancy checks for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index. docker-nancy wraps the nancy executable in a Docker image.
Read More...

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI
Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.
Read More...