Skip Navigation
Book a Demo
Book a Demo

Featured Article

Sonatype Named in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

By Tara Flynn Condon on May 23, 2023 AppSec

Sonatype is named to the 2023 Gartner Magic Quadrant for Application Security Testing (AST).

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Can the Open Source Community Save Europe from the Cyber Resilience Act?

By Jeff Wayman on April 27, 2023 thought leaders

7 minute read time

Examine the open source community's response to the EU Cyber Resilience Act, and its potential consequences for the future of innovation & collaboration.
Read More...
Illustrated picture of lightning bults with skulls raining down on 3 umbrellas
READ MORE

EU Cyber Resilience Act: Good for Software Supply Chain Security, Bad for Open Source?

By Brian Fox on December 22, 2022 secure software supply chain

10 minute read time

The Cyber Resilience Act is the European Union's proposed regulation to combat threats affecting any digital entity. What does that mean for open source?
Read More...
GettyImages-1062337336-1
READ MORE

Inevitable:  Earthquakes and Exploits

By Mike Hansen on November 15, 2018 AppSec

3 minute read time

Earthquakes and open source vulnerabilities are both inevitable, unpredictable, and can be catastrophic. Sonatype's Mike Hansen talks about what earthquake preparedness can teach us about open source
Read More...
My Post (6)
READ MORE

What the TPG-led $80M Investment Means for the Future of Sonatype and the DevSecOps Movement

By Wayne Jackson on September 07, 2018 Sonatype

2 minute read time

Sonatype has raised an $80 million round of growth financing led by TPG Capital to fuel global growth requirements as automated open source governance goes mainstream.
Read More...
LC 1
READ MORE

Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)

By Brian Fox on August 23, 2018 Nexus Lifecycle

2 minute read time

Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed on August 22, 2018. Everything you need to know and how to find out if you're affected.
Read More...
mirco_hering_headshot
READ MORE

Learning in the Modern Enterprise – going to DevOps Enterprise Summit London with an open mindset

By Mirco Hering on June 19, 2018 devops

2 minute read time

DevOps Enterprise Summit (DOES) London is taking place next week. Join Sonatype and Mirco Hering to learn more about DevOps in the Modern Enterprise,on Monday June 25th.
Read More...
GettyImages-866083720
READ MORE

I Am A Serial Cryptominer: An Open Letter to Software Developers

By Hack Overflow on June 14, 2018 Devops

5 minute read time

An open letter to the DevOps community from a cryptocurrency miner.
Read More...
GDPR-Article 25
READ MORE

Secure By Design: Preparing for GDPR Should Begin With Software

By Brian Fox on May 10, 2018 data protection

4 minute read time

To ensure GDPR compliance, appropriate safeguards must be put in place across the entire software lifecycle.
Read More...
SON_Survey2018_13
READ MORE

WSJ on Struts: Companies Still Downloading Flaw Linked to Equifax Breach

2 minute read time

The Wall Street Journal discusses open-source governance, Struts and how companies are still downloading the flaw that led to the Equifax Breach
Read More...