The 2020 State of the Software Supply Chain Report is available!

Study Shows High-Performance Dev Teams Fix OSS Vulns 26x Faster | Press Release

blog-logo Sonatype Blog

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI
Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.

Continuous Integration In The Age Of Containers - Part 1

By Curtis Yanko on December 28, 2017 Docker
A practical example of how to build and test a modern, containerized, application using Docker and the Nexus Platform.

Shift Security Practices Left: New Nexus Plugin for Jenkins Pipelines

By Justin Young on April 17, 2017 Nexus Lifecycle
With the latest Nexus Platform plugin for Jenkins 2.x, organizations now have access to continuous component intelligence within their Jenkins CI/CD pipelines.