Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

Return on Investment in Software Composition Analysis?

By IT Central Station on August 20, 2021 Nexus Lifecycle
Having become a more standard part of the software development process, SCA is increasingly taken for granted as worth the investment, but is it?
Read More...

Javascript Scanning Now Supported In Jetbrains IDEs: Intellij IDEA, Webstorm, and More

By Kevin Miller on July 30, 2021 Nexus Lifecycle
The Sonatype Nexus platform now evaluates and analyzes Javascript/Node components directly in IntelliJ IDEA.
Read More...

Effective Tools for Software Composition Analysis

By IT Central Station on July 14, 2021 Nexus Lifecycle
Better developer tools for the software supply chain mean a faster, more effective team. Sonatype customers share the tools that help them move faster and with less risk.
Read More...

DevOps Made of Steel

By Phil Vuollet on June 29, 2021 Nexus Lifecycle
Security Analysts from U.S. Steel Corporation spoke at Sonatype's ELEVATE 2021, sharing their DevOps story and where Nexus Repository and Nexus Lifecycle fit into the journey.
Read More...

Slaying the Dragon of OSS Legal Compliance with the Advanced Legal Pack

By Dariush Griffin on May 04, 2021 Nexus Lifecycle
Open source can come with a plethora of legal obligations. Manual reviews can take hundreds of hours for 1 app. The Advanced Legal Packs automates that process giving developers and legal teams their
Read More...

Onboarding Nexus Lifecycle Through SCM

By Kevin Miller on April 22, 2021 Nexus Lifecycle
We're simplifying the Nexus Lifecycle onboarding process, and making it easy to quickly onboard apps from a source control repository such as GitHub, GitLab, and Bitbucket.
Read More...

Why Sonatype is Acquiring MuseDev

By Brian Fox on March 16, 2021 Nexus Lifecycle
Today, Sonatype acquired MuseDev, a developer-first source code analysis platform and unveiled the world’s first full-spectrum platform for strengthening cloud-native software supply chain
Read More...

Open Source and Cloud Security Together at Last

By Kevin Miller on November 12, 2020 Nexus Lifecycle
Sonatype and Fugue partner to combine Open Source and Cloud Security and Compliance
Read More...

Discord squashes critical Electron bugs: open source attacks continue to grow

By Ax Sharma on October 21, 2020 Nexus Lifecycle
Discord recently patched a set of critical vulns that could allow a skilled attacker to gain Remote Code Execution privileges on the users’ Desktop app.
Read More...