Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

The “Big Hack” That Actually Happened - Chinese Military Implicated in Equifax Breach

By Matt Howard on February 11, 2020 vulnerabilities
Members of the Chinese Military were implicated in the attack on Equifax's software supply chain. It's time to take software supply chain hygiene seriously.
Read More...

How to Publish Java Artifacts to Nexus Using Jenkins and Maven

By Daniel Hernández on February 07, 2020 Nexus Repository
In this article we are going to explore how you can publish Java artifacts (.ear, .jar, .war) to Nexus 3 using Jenkins and Maven.
Read More...

Anatomy of a Continuous Delivery Pipeline

By Peter Morlion on February 04, 2020 continuous deployment
Kamalika Majumder explains the anatomy of a continuous delivery pipeline, its benefits, and five key principles to shape and refine it.
Read More...

Three DevSecOps Lessons Drawn from Conversations with 45 CISOs

By Matt Howard on January 29, 2020 CISO
CISOs reduce risk and significantly improve an organization's IT security posture by shifting more resources to the beginning of the digital supply chain.
Read More...

Nexus Innovator: David Radford-Grant of Achievers

By Katie McCaskey on January 16, 2020 devops best practices
Months of outages. Sure, support was available -- if the boss agreed to pay 10x more. Here's how one man fixed both issues using Nexus Repo Pro.
Read More...

Shifting Security Left: The Innovation of DevSecOps

By Sylvia Fronczak on January 02, 2020 shift left
DevSecOps is a cultural shift that reinforces the mindset that everyone is responsible for security. Here's why this idea is so innovative and productive.
Read More...

Continuous Delivery For All

By Derek Weeks on December 24, 2019 Continuous Delivery
Jez Humble addresses the four reasons he consistently hears why continuous delivery won't work in their organization -- and busts all the myths.
Read More...

Sonatype Nexus is Rising Above the Swamp

By Matt Howard on December 16, 2019 Nexus vs. Artifactory
With Vista by our side, Sonatype's direction is clear, and Nexus is rising above JFrog Artifactory. We invite you to test the Nexus difference.
Read More...

Gartner: Mitigate Risk By Hardening the Software Supply Chain

By Katie McCaskey on December 12, 2019 Sonatype Nexus
As Gartner explains, key to mitigating open source risk, is a hardened software supply chain. But, where do you start?
Read More...