Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Software Composition Analysis: A Matter of Perspective (and Experience)

The SCA market is young - leaving everyone wrestling with a critical question: is it a security-centric, developer-centric, or a legal-centric endeavor? At Sonatype, we believe it's all of the above.
Read More...

What can we learn from 200 Billion JavaScript downloads

By Derek Weeks on February 08, 2018 Javascript
JavaScript packages downloaded from the npm repository now tops 200 billion downloads annually. We dissect what that means for the open source community.
Read More...

Equifax and Struts: An Ounce of Prevention is Worth a Pound of Cure.

By Matt Howard on September 14, 2017 open source governance
A $50 billion dollar question is begged. What, if anything, could Equifax have done differently to prevent the Struts breach from happening?
Read More...