News and Notes from the makers of Nexus | Sonatype Blog

Better, Faster, Stronger: Nexus Lifecycle's Improved JIRA Add-on Gives Developers and AppSec Something to High-Five About

By Michelle Dufty on August 14, 2019 JIRA

Nexus Lifecycle's new JIRA add-on with violation reporting eliminates the admin overhead of managing fixes. Component fixes are assigned and tracked with one-click.

Read More...

3 Reasons Manual Policies Just Don’t Work

By Derek Weeks on June 10, 2014 Cyber Supply Chain Management and Transparency Act

Over the past four years, Sonatype has surveyed open source development organizations and year after year, we find that developers have the best intentions. They strive to build good quality code,

Read More...

An Open Discussion on Open Source Review Boards

By Derek Weeks on March 17, 2014 Sonatype Says

The recent FS-ISAC whitepaper, “Appropriate Software Security Control Types for Third Party Service and Product Providers”, reveals the majority of internal software applications created by financial

Read More...

The Tipping Point: Human Speed vs. Machine Speed

By Derek Weeks on March 05, 2014 Sonatype Says

What can the financial services industry learn from the U.S. Department of Homeland Security? In this third segment of my blog series on open source component security as it relates to the recently

Read More...

Financial Services Organizations have Open Eyes on Open Source

By Derek Weeks on February 20, 2014 Component Lifecycle Management

Financial Services Organizations have Open Eyes on Open Source

Read More...