Featured Article

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

By Aditya Khanduri on February 20, 2020 Everything Open Source

Jake, a free tool, identifies vulnerabilities in a Conda environment. It's simple to use, saves time, and empowers you to develop Python projects faster.

Read More...

42,000 Nexus Repository Managers, and Growing!

By Derek Weeks on November 19, 2014 Cyber Supply Chain Management and Transparency Act

42,000 Nexus Repository Managers, and Growing!

Read More...

Who is Nigel Simpson? (Lessons of Open Source Governance)

By Derek Weeks on October 28, 2014 Sonatype Says

Who is Nigel Simpson? (Lessons of Open Source Governance)

Read More...

Securosis Dives Deep into our 2014 Survey

By Derek Weeks on July 02, 2014 Cyber Supply Chain Management and Transparency Act

There are two ways to motivate others to action: emotional appeal and fact based analysis. Our 2014 Open Source and Application Security survey results touched on both. We've run this survey for the

Read More...

Code Snippet Scanning: Is it Really Needed Anymore?

By Brian Fox on April 03, 2014 Sonatype Says

Code snippet scanning is a common question we get from prospects. We typically try to dig at why the prospect actually thinks they need snippet matching. We think this comes from mis-informed demand.

Read More...

Sonatype Blog

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

42,000 Nexus Repository Managers, and Growing!

Who is Nigel Simpson? (Lessons of Open Source Governance)

Securosis Dives Deep into our 2014 Survey

Code Snippet Scanning: Is it Really Needed Anymore?