Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

Software Supply Chains: an Introductory Guide

By Luke Mcbride on October 08, 2021 Open Source
Take a closer look at the software supply chain, including what it contains, why it’s important, and how to protect it from vulnerabilities.
Read More...

Apache Servers Actively Exploited in the Wild, and the Importance of Prompt Patching

By Ax Sharma on October 05, 2021 vulnerabilities
New apache vulnerability exploited in the wild is the result of an incomplete path normalization logic
Read More...

What is a Software Bill of Materials (SBOM)?

By Justin Reynolds on September 27, 2021 software bill of materials
A deep dive into a Software Bill of Materials with top use cases, benefits, and ways to manage.
Read More...

What to Consider When Crafting Your OSS Policy

By Filipp Kofman on July 15, 2021 legal
Building a plan for using open source software in your company means less confusion and risk. A look at some of the necessities and ideals in handling freely available code.
Read More...

How to Better Navigate the World of DevSecOps with Sonatype and Saltworks Security

By Tanya Feghali on July 28, 2020 Open Source
Sonatype and Saltworks talk about how to deliver higher quality software faster while securely taking advantage of everything open source has to offer.
Read More...

How to Establish an Open Source Program Office

By Mark Henke on June 24, 2020 open source governance
Develop an open source software program office to streamline use and compliance. By aligning goals with success metrics, the value of the office is clear.
Read More...

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

By Aditya Khanduri on February 20, 2020 Everything Open Source
Jake, a free tool, identifies vulnerabilities in a Conda environment. It's simple to use, saves time, and empowers you to develop Python projects faster.
Read More...

How to Get Started With Nexus Repository Manager OSS

By Omkar Hiremath on January 14, 2020 Nexus Repository
Repository managers play an important role in software development. Learn how to use Nexus Repository Manager OSS to optimize package storage.
Read More...

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github
Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.
Read More...