Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

How manufacturing best practices can improve open source consumption and software supply chains

By Jeff Wayman on October 12, 2023 thought leaders

5 minute read time

Explore Sonatype's research paper developed in partnership with the Atlantic Council on software supply chain best practices for open source consumption
Read More...
READ MORE

Introducing our 9th annual State of the Software Supply Chain report

By Aaron Linskens on October 03, 2023 open source security

5 minute read time

Sonatype announces the arrival of our 9th annual State of the Software Supply Chain report that explores open source security, industry trends, and more.
Read More...
READ MORE

Unlocking the power of generative AI in software development: Insights from Sonatype's survey

By Aaron Linskens on September 12, 2023 Software Supply Chain

4 minute read time

Explore the influence of generative AI in software development via the results of Sonatype's recent survey involving 400 DevOps and 400 SecOps leaders
Read More...
READ MORE

Enhancing software supply chain security: New Sonatype product capabilities

By Tara Flynn Condon on August 21, 2023 News and Views

3 minute read time

Sonatype announces the latest enhancements for Sonatype Repository Firewall, Sonatype Nexus Repository, and Sonatype Lifecycle.
Read More...
READ MORE

Getting started with the Secure Software Development Framework (SSDF)

6 minute read time

Discover how to get started with the Secure Software Development Framework (SSDF), what it contains, and why should you leverage it
Read More...
READ MORE

Cyber Resilience Act: The future of software in the European Union

6 minute read time

Discover what the EU Cyber Resilience Act entails and what the consequences might be for open source and software development overall
Read More...
READ MORE

How to measure the maturity of your software supply chain

6 minute read time

Learn how to measure the maturity of your software supply chain and leverage a maturity framework for more secure and reliable software
Read More...
READ MORE

Sonatype named a leader in The Forrester Wave™ for software composition analysis

By Tara Flynn Condon on June 15, 2023 Forrester

3 minute read time

The Sonatype platform named a Leader in the 2023 Forrester Wave for SCA.
Read More...
READ MORE

How to improve your software supply chain with a software security framework

8 minute read time

Enhance software supply chain security with a framework. Protect against attacks, meet regulations, and release secure software. Learn more now.
Read More...