Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Keeping third-party dependencies in check with Nexus Lifecycle

By Nikita Belokopytov on March 18, 2019 Nexus Lifecycle

In this article I explain the risks of third-party dependencies and how to mitigate them with appropriate tools.

Read More...

How to extract your Android project’s dependencies with a Gradle task

By Nikita Belokopytov on March 18, 2019 Nexus Lifecycle

I explain how to use a Gradle task to ensure all of your project’s dependencies are configured as an input enable Nexus Lifeccycle (IQ Server) to better

Read More...

Enhanced Support for Python in Nexus Lifecycle

By Michelle Dufty on February 06, 2019 Nexus Lifecycle

At Sonatype, we pride ourselves on arming development and security teams with precise and actionable intelligence to build software faster, with less risk.

Read More...

DevSecOps at Emerasoft: Sonatype Nexus Lifecycle and F5-Advanced WAF

By Ugo Ciracì on February 05, 2019 Nexus Lifecycle

 

Cybersecurity Status, 2018. Standing to the many available reports on cybercrime, 2018 has seen the "definitive" rise of cyber attacks. From Ransomware

Read More...

Policy Governance Made Easy - Introducing the Nexus Notifier Plugin for Bitbucket

By Justin Young on September 04, 2018 Nexus Lifecycle

The need for open source governance throughout the development lifecycle has never been greater. And yet, at the same time, the modern developer has never

Read More...

New Policy Grandfathering: Automating Open Source Governance at Your Own Pace

By Michelle Dufty on August 29, 2018 Nexus Lifecycle

So you just purchased and installed Nexus Lifecycle because it’s time to automate your open source policies at scale - great news! Next, you onboard your

Read More...

New JavaScript intelligence now available in the Nexus Platform

By Michelle Dufty on August 29, 2018 Nexus Lifecycle

Today we released a new version of our JavaScript intelligence, making it easier for developers to analyze and remediate vulnerabilities and license issues.

Read More...

How to Keep Vulnerable Versions of Struts Out of Your Nexus Repository

By Christopher Tolo on August 24, 2018 Nexus Lifecycle

When a new vulnerability is discovered in Apache Struts I am often asked by our customers, “Can I create a Firewall Policy in Nexus IQ Server to block all

Read More...

Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)

By Brian Fox on August 23, 2018 Nexus Lifecycle

Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed late yesterday - leaving many feeling like they’re having Deja Vu.

Read More...