Skip Navigation
Book a Demo
Book a Demo

Featured Article

Sonatype Named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

By Tara Flynn Condon on May 23, 2023 AppSec

Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Sonatype Lifecycle Enhancements Boost Speed, Security, and Productivity

By Nitin Phadnis on March 30, 2023 Nexus Lifecycle

5 minute read time

Sonatype Lifecycle’s new feature enhancements elevate security posture, developer productivity, and operational excellence. Read on for the full details.
Read More...
READ MORE

Sonatype's SBOM Generation Capabilities Outpace the Competition

By Audra Davis-Hurst on March 22, 2023 Nexus Lifecycle

9 minute read time

Better data, a dedicated security team, and the analytical capabilities of BOM Doctor are all part of what makes Sonatype's SBOM capabilities superior.
Read More...
READ MORE

Sonatype Nexus Lifecycle Boosts Open Source Security and Dependency Management

By Audra Davis-Hurst on January 13, 2023 Nexus Lifecycle

10 minute read time

Nexus Lifecycle is designed to monitor for problems at every stage of the software development life cycle (SDLC) and automatically address them.
Read More...
READ MORE

Developers Need Two Things: The Nexus Platform and a Full Pot of Coffee

By Austin Bradley on December 13, 2022 Nexus Lifecycle

5 minute read time

Waiting too long to invest in security is too common. Sonatype's Nexus platform helps orgs protect themselves from known and unknown vulnerabilities.
Read More...
READ MORE

5 Key Open Source Security Risks and How to Prevent Them

By Luke Mcbride on December 01, 2022 Nexus Lifecycle

5 minute read time

An in-depth look at several key open source security and license risks, along with plans and methods to insulate yourself or avoid them entirely.
Read More...
READ MORE

The No-Fix Mediums? Not Having a High Priority Doesn’t Mean Low Danger

By Luke Mcbride on October 31, 2022 Nexus Lifecycle

5 minute read time

An ongoing weak link in the software supply chain is vulnerable software – are you being proactive or just putting out fires?
Read More...
READ MORE

Despite What Some Vendors Say, Please Don’t Ignore Log4j

By Stephen Magill on September 26, 2022 Nexus Lifecycle

5 minute read time

Ignoring Log4j and recommending that high-risk open source vulnerabilities be left in application code isn't just irresponsible, it's dangerous.
Read More...
READ MORE

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices - Part 1

By Eric Hill on September 19, 2022 Nexus Lifecycle

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.
Read More...
Image of a courtroom
READ MORE

Open Source Licensing Shift: Fedora Blocks Creative Commons CC0

By Luke Mcbride on August 01, 2022 Nexus Lifecycle

6 minute read time

Recent news of a popular license no longer allowed in open source projects underlines the ongoing evolution of licenses and legal risk.
Read More...