Sonatype Selected by Equifax to Support OS Governance Press Release

GDPR and OSS. How are they linked and why should you care?

By Ryan Sheldrake on November 29, 2017 #OSSsecurity

What does GDPR have to do with Open Source Software (OSS)?

The answer is Data. 

Read More...

Cybersecurity Improvement Act of 2017:  The Ghost of Congress Past

By Matt Howard on August 01, 2017 #OSSsecurity

It seems like yesterday when Representative Ed Royce proposed legislation entitled the Cyber Supply Chain Management and Transparency Act. In

Read More...

Vor Security brings OSS Index to Sonatype

By Brian Fox on June 29, 2017 #OSSsecurity

Our data research team is always on the lookout for ways to expand Nexus Lifecycle’s coverage with new sources and feeds of data. A little under a year ago,

Read More...

Heartbleed: The Open Source Vulnerability that Keeps on Giving (and Taking)

By Matt Howard on June 12, 2017 #OSSsecurity

Disclosed in April 2014, Heartbleed is the vulnerability gift that keeps on giving to some -- and taking away from others.  The latest example of this

Read More...

We're a Java shop, we're not going to get hacked...

By Tim OBrien on March 27, 2012 Nexus Repo Reel

This article is another in a series of articles associated with our Executive Brief. To access the executive brief, “Addressing Security Concerns in

Read More...

Today's Security Brief: Application security is widely neglected (by some surprising companies)

By Tim OBrien on March 26, 2012 Nexus Repo Reel

Today we published a paper with Aspect Security, and it's a shocking look at how few people are paying attention to application security. If you consume

Read More...