Despite What Some Vendors Say, Please Don’t Ignore Log4j

By Stephen Magill on September 26, 2022 Nexus Lifecycle

5 minute read time

Ignoring Log4j and recommending that high-risk open source vulnerabilities be left in application code isn't just irresponsible, it's dangerous.
Read More...

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices - Part 1

By Eric Hill on September 19, 2022 Nexus Lifecycle

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.
Read More...

Open Source Licensing Shift: Fedora Blocks Creative Commons CC0

By Luke Mcbride on August 01, 2022 Nexus Lifecycle

6 minute read time

Recent news of a popular license no longer allowed in open source projects underlines the ongoing evolution of licenses and legal risk.
Read More...

Smarter Policy and Advanced Component Search With Nexus Lifecycle Updates

By Chris Good on June 30, 2022 Nexus Lifecycle

5 minute read time

New features improve your software supply chain management tools with flexible controls, intelligent search, and better software project onboarding.
Read More...

Take Control of Your InnerSource Components with InnerSource Insight

By Chris Good on May 11, 2022 Nexus Lifecycle

7 minute read time

InnerSource Insight, an industry-first capability, makes it easier and safer for developers to use components developed by others in their organization.
Read More...

New Developer Tools for Open Source Dependency Management

By Chris Good on March 15, 2022 Nexus Lifecycle

5 minute read time

Nexus platform customers can now access improved dependency visualization, better track policy exceptions, and work with PHP.
Read More...

How Large Organizations Can Easily Scan for Log4j Vulnerabilities

By Rishav Mishra on December 31, 2021 Nexus Lifecycle

7 minute read time

Large orgs looking for the Log4j vulnerability in 1000s of apps, can be more effective and efficient with Nexus Lifecycle and Easy SCM Onboarding.
Read More...

New Nexus Lifecycle Enhancements Deliver Faster Remediation Experience

By Chris Good on December 03, 2021 Nexus Lifecycle

3 minute read time

Prevent development hazards with new Nexus Lifecycle features to quickly compare versions, avoid vulnerabilities, and evaluate open source licenses.
Read More...

Return on Investment in Software Composition Analysis?

By IT Central Station on August 20, 2021 Nexus Lifecycle

4 minute read time

Having become a more standard part of the software development process, SCA is increasingly taken for granted as worth the investment, but is it?
Read More...