Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Inevitable:  Earthquakes and Exploits

By Mike Hansen on November 15, 2018 AppSec
Earthquakes and open source vulnerabilities are both inevitable, unpredictable, and can be catastrophic. Sonatype's Mike Hansen talks about what earthquake preparedness can teach us about open source
Read More...

What the TPG-led $80M Investment Means for the Future of Sonatype and the DevSecOps Movement

By Wayne Jackson on September 07, 2018 Sonatype
Sonatype has raised an $80 million round of growth financing led by TPG Capital to fuel global growth requirements as automated open source governance goes mainstream.
Read More...

Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)

By Brian Fox on August 23, 2018 Nexus Lifecycle
Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed on August 22, 2018. Everything you need to know and how to find out if you're affected.
Read More...

Learning in the Modern Enterprise – going to DevOps Enterprise Summit London with an open mindset

By Mirco Hering on June 19, 2018 devops
DevOps Enterprise Summit (DOES) London is taking place next week. Join Sonatype and Mirco Hering to learn more about DevOps in the Modern Enterprise,on Monday June 25th.
Read More...

I Am A Serial Cryptominer: An Open Letter to Software Developers

By Hack Overflow on June 14, 2018 Devops
An open letter to the DevOps community from a cryptocurrency miner.
Read More...

Secure By Design: Preparing for GDPR Should Begin With Software

By Brian Fox on May 10, 2018 data protection
To ensure GDPR compliance, appropriate safeguards must be put in place across the entire software lifecycle.
Read More...

WSJ on Struts: Companies Still Downloading Flaw Linked to Equifax Breach

The Wall Street Journal discusses open-source governance, Struts and how companies are still downloading the flaw that led to the Equifax Breach
Read More...