Sonatype Blog

Best-in-Class: Introducing Enhanced OSS Index Data

By Najla Dadmand on September 01, 2020 featured
Sonatype’s free catalog of open source components and scanning tools for developers, OSS Index, now has more data, improved component choice and better remediation.

OSS Index Contributor Asks: Where 'R' You?

Dr. Colin Gillespie, co-author of the book, Efficient R Programming, talks about contributing to open source software projects and using OSS Index.

How to Use Sonatype OSS Index to Identify Security Vulnerabilities

By Casey Dunham on January 09, 2020 github
OSS Index enables developers to quickly find vulnerabilities in any library with an easy-to-use search feature. Learn more, and how to access the plugins.

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops
Software composition analysis has seen a spike in growth from developers on GitHub to help with their DevSecOps journey.

Introducing Sonatype DepShield: Free for GitHub Developers

By Michelle Dufty on August 14, 2018 github
Today, Sonatype announced Sonatype DepShield, a new GitHub application that enables developers to experience basic open source governance, free of charge.