Critical New 0-day Vulnerability in Popular Log4j Library Discovered | Read Blog

Featured Article

PyPI Flooded with 1,275 Dependency Confusion Packages

By Ax Sharma on January 24, 2022 vulnerabilities

Popular Python open source software repository, PyPI has been flooded with over 1,200 dependency confusion packages by the same actor.

Read More...

SHARE:

Sonatype_Blog_Logo_White
bark-branches-environment-1632790
READ MORE

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github
Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.
Read More...
GettyImages-964398900
READ MORE

Activate Your Shield Against Open Source Invasions

By Katie McCaskey on August 09, 2019 open source management
Mike Van Doren, Sonatype Solution Architect, identifies the infinity stones that grant superpowers in the Nexus ecosystem.
Read More...
GettyImages-899434516
READ MORE

A World of Infinite Choice in Open Source Software

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.
Read More...
GettyImages-919509810
READ MORE

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

By Derek Weeks on June 07, 2019 vulnerabilities
The latest attempt at a cryptocurrency heist demonstrates how open source software components are used throughout the cryptocurrency ecosystem.
Read More...
GettyImages-831103614-1
READ MORE

Build Better Component Practices: Crawl. Walk. Run.

By Sylvia Fronczak on November 06, 2018 component governance
Whether you're just getting started or attempting to take the next step in improving your organization's open source processes, there are lessons you can learn. Sonatype's lead customer success
Read More...
GettyImages-157189322
READ MORE

Open Source Governance Hits the C-Suite

By Derek Weeks on April 11, 2018 open source management
The Wall Street Journal’s Adam Janofsky wrote an article entitled, How Companies Can Manage Risks Tied to Open-Source Software*. Coverage of this topic sheds light on a topic for executives, that has
Read More...
READ MORE

42,000 Nexus Repository Managers, and Growing!

42,000 Nexus Repository Managers, and Growing!
Read More...
READ MORE

Part 2 - [ ________ ] is the Best Policy

By David Jones on August 13, 2014 open source survey
In Part 1, ‘[ ________ ] is the Best Policy, we looked at some of the common aspects of an open source policy and discussed how our recent survey discovered that 41% of people think that policies are
Read More...
READ MORE

The Tipping Point: Human Speed vs. Machine Speed

By Derek Weeks on March 05, 2014 Sonatype Says

What can the financial services industry learn from the U.S. Department of Homeland Security? In this third segment of my blog series on open source component security as it relates to the recently

Read More...
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Event Terms and Conditions   Do Not Sell My Personal Information