Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

Open Source and Cloud Security Together at Last

By Kevin Miller on November 12, 2020 Nexus Lifecycle
Sonatype and Fugue partner to combine Open Source and Cloud Security and Compliance
Read More...

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

By Ax Sharma on November 08, 2020 github
Gitpaste-12, a worming botnet, is extremely versatile in its advanced capabilities as it leverages trustworthy sites like GitHub and Pastebin to host itself.
Read More...

Turkish Banking Agency Mandates Better Software Supply Chain Hygiene

The Banking Regulation and Supervision Agency has introduced new standards to protect the Turkish citizenry and require banks to more aggressively protect customer data, payment information and
Read More...

What I Learned from DevSecOps Leaders in a High Tech World

By Sara Budsock on October 16, 2020 devsecops
DevSecOps leaders from FISERV, Sirius XM, NBC Universal, OneTrust, Estée Lauder, PointClickCare, and Micro Focus, share how DevSecOps adoptions is adding value to their organizations.
Read More...

Making Developer’s Lives Easier as We Enter The New Frontier of Dependency Management

By Brian Fox on October 07, 2020 Nexus Lifecycle
Sonatype's Advanced Development Pack will fundamentally change how teams manage code dependencies.
Read More...

Sonatype finds malicious npm packages which broadcast your IP, username, and device fingerprint info on the web

By Ax Sharma on September 30, 2020 vulnerabilities
Initially found by Sonatype's malicious code detection bots, our researchers have discovered and confirmed the presence of two new vulnerable npm packages, electorn and loadyaml.
Read More...

Katie Arrington discusses making development move at the speed of relevance

By Ryan Schradin on September 14, 2020 government
Katie Arrington, CISO for the Office of the Under Secretary of Defense for Acquisition, recently discussed DevSecOps in the federal government and how the DoD is tackling key issues.
Read More...

Sonatype CEO on The Future of the Software Supply Chain

Sonatype's CEO Wayne Jackson talked about Maven, the software supply chain, and speed vs. security no longer being at odds, at the 2020 Nexus User Conference.
Read More...

Introducing our 2020 State of the Software Supply Chain Report

By Derek Weeks on August 12, 2020 Software Supply Chains
Sonatype's 2020 State of the Software Supply Chain Report shows that faster innovation and better risk management do not have to be mutually exclusive.
Read More...