Cybersecurity and Beyond: Why Secure Procurement is a Must for Your Organization

By Michael Griffin on December 05, 2022 thought leaders

5 minute read time

Michael Griffin discusses how cybersecurity and mature procurement go hand-in-hand, and how Sonatype helps make sure that this process is secure.

U.S. Government’s Guidelines for Securing Software: Suppliers

By Sonatype on November 23, 2022 secure software supply chain

7 minute read time

Sonatype breaks down the software supply chain best practices for suppliers that were recently released by the ESF Software Supply Chain Working Panel.

How Is the Sonatype Safety Rating Determined?

1 minute read time

The Sonatype Safety Rating is an aggregate rating designed to estimate the likelihood of an open source project containing security vulnerabilities.

What Is Container Security, and How Can You Boost Yours?

6 minute read time

In this blog post, we take an in-depth look at container security, including ways to boost security and how Sonatype's container security tools can help.

How You Can Manage and Eliminate Technical Debt

7 minute read time

Understanding technical debt is critical to better understanding, and securing, your software supply chain.

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices - Part 1

By Eric Hill on September 19, 2022 Nexus Lifecycle

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.

Why Developers are Becoming the Weakest Link in Supply Chain Attacks

5 minute read time

As cyber-attacks continue to grow, threat actors have shifted their focus from endpoints and end users to the software supply chain.

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain

2 minute read time

Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.

Turkish Banking Agency Mandates Better Software Supply Chain Hygiene

4 minute read time

The Banking Regulation and Supervision Agency has introduced new standards to protect the Turkish citizenry and require banks to more aggressively protect customer data, payment information and