Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials
On the 12th of December the Subcommittee on oversight and investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.
Read More...

WSJ on Struts: Companies Still Downloading Flaw Linked to Equifax Breach

The Wall Street Journal discusses open-source governance, Struts and how companies are still downloading the flaw that led to the Equifax Breach
Read More...

Eight More Struts Breaches

When using vulnerable versions of the framework, organizations are breached. Everyone knows the Equifax story, but for folks like me who have been paying closer attention, the story also includes the
Read More...

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials
Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.
Read More...

Doctor, Doctor, Can't You See?  Congress Calls for Cybersecurity.

By Derek Weeks on November 17, 2017 software bill of materials
Congressman Walden sent a letter to the U.S. Department of Health and Human Services (HHS) requesting a software bill of materials (SBOM).
Read More...

Medical Device Security: A New Look at Open Source Software

An effort to keep our healthcare system and medical devices secure is being spearheaded by the Healthcare Industry Cybersecurity Task Force
Read More...

The Trump White House Takes Aim at Cybersecurity

The Trump White House Takes Aim at Cybersecurity. Introduces Executive Order: STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE.
Read More...

Nexus Repository Rising: Say Hello to the New Pro

By Derek Weeks on September 13, 2016 software bill of materials
Upgrade to Nexus Repository Pro 3, now with active-active high availability. Build the best software using precise component intelligence.
Read More...

Government Asks: What’s in Your Software?

Top performing development organizations embrace supply chain management best practices, including use of a Software Bill of Materials (BOM).
Read More...