Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Eight More Struts Breaches

When using vulnerable versions of the framework, organizations are breached. Everyone knows the Equifax story, but for folks like me who have been paying closer attention, the story also includes the
Read More...

Struts One-Two Punch Knocks Out India

The social security system of India, AADHAAR, was just breached due to a Struts related vulnerability exploited on their website. If you are not familiar with AADHAAR, it offers a 12-digital personal
Read More...

Open Source Governance Hits the C-Suite

By Derek Weeks on April 11, 2018 open source management
The Wall Street Journal’s Adam Janofsky wrote an article entitled, How Companies Can Manage Risks Tied to Open-Source Software*. Coverage of this topic sheds light on a topic for executives, that has
Read More...

Nexus User Conference: Online, Free, June 6 - 7

By Derek Weeks on March 16, 2018 Nexus Lifecycle
The first annual Nexus User Conference is online, June 6 - 7, 2018.
Read More...

Nexus Repository 3.9 Released with a new Upload UI and Firewall Support

e are pleased to announce the release of Nexus Repository 3.9. This release adds two major features: (1) Components can now be uploaded directly from the UI and (2) Nexus Repository Pro is no longer
Read More...

DevSecOps and GDPR:  Why Open Source Risk Management Has Never Been More Important

Modern IT teams must: 1. accelerate innovation by harnessing the power of open source and 2. minimize risk by creating flexible controls to automate compliance.
Read More...

Evaluating OSS logistics solutions? Consider these 9 tips.

By Derek Weeks on February 24, 2015 Sonatype vs. Black Duck

With well over 17 billion open source components downloaded from public repositories in 2014, it is clear that more software development organizations are assembling software from component building

Read More...