Sonatype Selected by Equifax to Support OS Governance Press Release
blog-logo Sonatype Blog

Featured Article

Win a $100 Gift Card: Take a Brief Survey on Software Composition Analysis

By Shade Solon on September 20, 2019 github

If you are excited about GitHub Actions, and want to understand the open source dependencies in your software, fill out this survey for a chance to win.

Read More...

SHARE:

Filter by:
GettyImages-1138004657-1
READ MORE

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

By Katie McCaskey on September 13, 2019 security
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...
GettyImages-626241886
READ MORE

Anatomy of the RubyGems ‘rest-client’ hack, and getting creative about open source security

By Brian Fox on August 23, 2019 open source security
Last month, the RubyGems strong_password component was breached and injected with malicious code. This is only the latest example of bad actors attacking developers at the source.
Read More...
GettyImages-1044578200
READ MORE

NIST Proposes Standards to Secure Government SDLC

NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.
Read More...
GettyImages-943909666-1
READ MORE

DevOps: The Blue Ocean Tide is Rising

By Wayne Jackson on October 04, 2018 open source security
The market for DevOps and DevSecOps automation is super hot. Here's why.
Read More...
READ MORE

Sonatype and Bamboo: Improving Your Builds

By Derek Weeks on March 03, 2015 Software Supply Chain

Sonatype now provides native Atlassian Bamboo support to improve the quality of your build outputs. Sonatype provides instant analysis of open source components used in every Bamboo build and alerts

Read More...
READ MORE

42,000 Nexus Repository Managers, and Growing!

42,000 Nexus Repository Managers, and Growing!
Read More...
READ MORE

Who is Nigel Simpson? (Lessons of Open Source Governance)

By Derek Weeks on October 28, 2014 Sonatype Says
Who is Nigel Simpson? (Lessons of Open Source Governance)
Read More...
READ MORE

Securosis Dives Deep into our 2014 Survey

There are two ways to motivate others to action: emotional appeal and fact based analysis. Our 2014 Open Source and Application Security survey results touched on both. We've run this survey for the

Read More...
READ MORE

Code Snippet Scanning: Is it Really Needed Anymore?

By Brian Fox on April 03, 2014 Sonatype Says

Code snippet scanning is a common question we get from prospects. We typically try to dig at why the prospect actually thinks they need snippet matching. We think this comes from mis-informed demand.

Read More...
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
About
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Sydney, NSW 2000, Australia 
London Office - 199 Bishopsgate, London EC2M 3TY

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy