Featured Article
Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day
How Large Organizations Can Easily Scan for Log4j Vulnerabilities
7 minute read time
Large orgs looking for the Log4j vulnerability in 1000s of apps, can be more effective and efficient with Nexus Lifecycle and Easy SCM Onboarding.
Read More...
New Nexus Lifecycle Enhancements Deliver Faster Remediation Experience
3 minute read time
Prevent development hazards with new Nexus Lifecycle features to quickly compare versions, avoid vulnerabilities, and evaluate open source licenses.
Read More...
Return on Investment in Software Composition Analysis?
4 minute read time
Having become a more standard part of the software development process, SCA is increasingly taken for granted as worth the investment, but is it?
Read More...
Javascript Scanning Now Supported in Jetbrains IDEs: Intellij IDEA, Webstorm, and More
2 minute read time
The Sonatype Nexus platform now evaluates and analyzes Javascript/Node components directly in IntelliJ IDEA.
Read More...
Effective Tools for Software Composition Analysis
4 minute read time
Better developer tools for the software supply chain mean a faster, more effective team.
Read More...
DevOps Made of Steel
3 minute read time
Security Analysts spoke at Sonatype's ELEVATE 2021, sharing their DevOps story and where Nexus Repository and Nexus Lifecycle fit into the journey.
Read More...
Slaying the Dragon of OSS Legal Compliance With the Advanced Legal Pack
3 minute read time
Open source can come with a plethora of legal obligations. Manual reviews can take hundreds of hours for 1 app. Let The Advanced Legal Packs help.
Read More...
Why Sonatype is Acquiring MuseDev
5 minute read time
Sonatype acquired MuseDev, a developer-first source code analysis platform and unveiled the world’s first full-spectrum platform for strengthening.
Read More...
Discord recently patched a set of critical vulns that could allow a skilled attacker to gain Remote Code Execution privileges on the users’ Desktop app.
Read More...