News and notes from the makers of Nexus

by Brian Fox, on March 10, 2017

Tags: oss, vulnerability, Nexus Lifecycle, national vulnerability database, Open Source, policy automation, java, vulnerability disclosure, Application Security, Software Supply Chain, Nexus Repository, Apache Struts2

by Matt Howard, on January 15, 2016

Tags: Software Supply Chain, supply chain management, software development, Application Security, policy automation, Devops, Nexus Repository, Open Source

by Brian Fox, on November 13, 2015

Tags: oss, vulnerability, Nexus Lifecycle, national vulnerability database, Open Source, policy automation, java, vulnerability disclosure, Application Security, Software Supply Chain, Nexus Repository

by Derek Weeks, on April 07, 2015

Tags: Sonatype Nexus, legal, open source governance, open source policy, gpl, Continuous Delivery, policy automation, license risks, Devops, Application Security, Software Supply Chain, Open Source

by Derek Weeks, on July 08, 2014

Tags: Cyber Supply Chain Management and Transparency Act, Component Lifecycle Management, H.R. 5793, government open source software (GOSS), open source components, Cyber Chain Integrity Act, application supply chain management, Wayne Jackson, josh corman, open source software supply chain, application development, Cyber Supply Chain, Application Security, policy automation, bill of materials (of 3rd party and open source co, cyber supply chain management, Software supply chain management, AppSec Spotlight, open source development

by Derek Weeks, on March 17, 2014

Tags: Sonatype Says, security and licensing risk, open source policy, policy enforcement, Everything Open Source, Open Source, Application Security, policy automation, open source review boards, AppSec Spotlight, open source security risks
