News and Notes from the Makers of Nexus | Sonatype Blog

Introducing Our 8th Annual State of the Software Supply Chain Report

By Stephen Magill on October 18, 2022 State of the Software Supply Chain

Announcing the arrival of our 8th Annual State of the Software Supply Chain Report looking at managing open source security, industry trends, and more.

Read More

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

By Derek Weeks on June 07, 2019 vulnerabilities

2 minute read time

The latest attempt at a cryptocurrency heist demonstrates how open source software components are used throughout the cryptocurrency ecosystem.

Read More...

House Oversight Report: Equifax Open Source Breach Was Entirely Preventable

By Matt Howard on December 10, 2018 devsecops

3 minute read time

Equifax is not alone. In the last decade, there have been hundreds, if not thousands, of companies have suffered the exact same, easily preventable, mistake. If you want help eliminating open source

Read More...

An Open Discussion on Open Source Review Boards

By Derek Weeks on March 17, 2014 Sonatype Says

1 minute read time

The recent FS-ISAC whitepaper, “Appropriate Software Security Control Types for Third Party Service and Product Providers”, reveals the majority of internal software applications created by financial

Read More...

Software composition analysis

Container Security

CODE QUALITY ANALYSIS

Repository MANAGEMENT

Complete Platform

Book a Demo

For Professionals

For Industries

Content

CUSTOMER Portal

Integrations & Free Tools

About us

Contact Us

Sonatype Blog

Introducing Our 8th Annual State of the Software Supply Chain Report

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

House Oversight Report: Equifax Open Source Breach Was Entirely Preventable

An Open Discussion on Open Source Review Boards

Products

Free Tools

Solutions

Resources

Customer Portal

Company