Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops

2018 has seen a new breed of dependency scanners come onto the scene. These 'manifest' driven scanners allow for their inclusion into source code control


Introducing Sonatype DepShield: Free for GitHub Developers

By Michelle Dufty on August 14, 2018 github

I am pleased to announce that we just launched Sonatype DepShield, a free GitHub app that automatically identifies vulnerabilities within open source