Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials
On the 12th of December the Subcommittee on oversight and investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.
Read More...

The Weakest Link Might be Your Supply Chain: Just Ask The Pentagon

Whether you’re talking about software applications, or national security, or both, there is an imminent need to better understand who you’re doing business with, and what’s coming into your house.
Read More...

What can we learn from 200 Billion JavaScript downloads

By Derek Weeks on February 08, 2018 Javascript
JavaScript packages downloaded from the npm repository now tops 200 billion downloads annually. We dissect what that means for the open source community.
Read More...

Strengthening Software Supply Chains for Everyone: Why Grafeas is a Great Idea

By Brian Fox on October 17, 2017 Nexus Lifecycle
In keeping with our long standing commitment to open innovation — Sonatype is excited to add unique value to the Grafeas community so organizations everywhere can automatically strengthen and secure
Read More...