Featured Article

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Screen_Shot_2016-07-29_at_4.53.51_PM.png

Government Asks: What’s in Your Software?

By Derek Weeks on July 29, 2016 software bill of materials

5 minute read time

Top performing development organizations embrace supply chain management best practices, including use of a Software Bill of Materials (BOM).

Read More...

Automated Nexus Reports on Licenses, Security, and More

By Derek Weeks on August 05, 2015 nexus pro

4 minute read time

Automated Nexus Reports on Licenses, Security, and More

Read More...

Legal at DevOps Speed

By Derek Weeks on April 07, 2015 Sonatype Nexus

1 minute read time

Paul is not part of our development team, he doesn’t want to be, and he certainly does not slow them down. But with that said, Paul knows how to work at DevOps speed. He knows legal reviews need to

Read More...

42,000 Nexus Repository Managers, and Growing!

By Derek Weeks on November 19, 2014 Cyber Supply Chain Management and Transparency Act

6 minute read time

42,000 Nexus Repository Managers, and Growing!

Read More...

Who is Nigel Simpson? (Lessons of Open Source Governance)

By Derek Weeks on October 28, 2014 Sonatype Says

1 minute read time

Who is Nigel Simpson? (Lessons of Open Source Governance)

Read More...

Part 2 - [ ________ ] is the Best Policy

By David Jones on August 13, 2014 open source survey

3 minute read time

In Part 1, ‘[ ________ ] is the Best Policy, we looked at some of the common aspects of an open source policy and discussed how our recent survey discovered that 41% of people think that policies are

Read More...

Part 1 - [ ________ ] is the Best Policy

By David Jones on August 11, 2014 Cyber Supply Chain Management and Transparency Act

3 minute read time

Open source has been around for donkey's years but until recently the persuasive argument of “many eyeballs” was the guiding policy using open source.

Read More...

Two AppSec Questions Always Asked

By Brian Fox on July 24, 2014 Cyber Supply Chain Management and Transparency Act

4 minute read time

While Repository Health Checks are valuable, we just released something even better: the CLM 1.11 Dashboard. First of all, it helps you answer the first two critical open source vulnerability

Read More...

2014 Open Source Development Survey: Making Results Matter

By Derek Weeks on April 01, 2014 sonatype open source development survey

1 minute read time

Want to win a programmable LEGO robot? Share your voice in this year’s survey. The real intent of the Open Source Development Survey is to SPARK DISCUSSION. Remember, it’s not the stats that

Read More...

New Design, New Features: Maven Central Improvements for Developers

Government Asks: What’s in Your Software?

Automated Nexus Reports on Licenses, Security, and More

Legal at DevOps Speed

42,000 Nexus Repository Managers, and Growing!

Who is Nigel Simpson? (Lessons of Open Source Governance)

Part 2 - [ ________ ] is the Best Policy

Part 1 - [ ________ ] is the Best Policy

Two AppSec Questions Always Asked

2014 Open Source Development Survey: Making Results Matter

Secure your software supply chain

Subscribe for all the latest software security news and events