Featured Article
New Design, New Features: Maven Central Improvements for Developers
Beyond npm Audit to Traverse an Increasingly Complex Dependency Tree
5 minute read time
Building good hygiene habits as part of our development practice helps the community at large. Here's how to use Nexus Repository OSS as part of it.
Read More...
Gartner: You Must Assess Overall Software Health and Welfare
4 minute read time
Gartner reports that mature organizations are expanding open-source management to include health assessment by default.
Read More...
Nexus Lifecycle Now Integrates with Azure DevOps to Secure Software Supply Chains in the Cloud
2 minute read time
The Nexus IQ Extension for Azure DevOps scans builds to identify open source security, license, or quality policy violations.
Read More...
Alexa: What’s the Future of Cyber Security?
5 minute read time
The software supply chain connects everyone and everything but attacks to this connected web can be blatant and overt, with damaging consequences - especially within the federal government.
Read More...
Who Cares if Supermicro Happened. Supply Chain Attacks are Real and It’s Time to Pay Attention
3 minute read time
Technology supply chain attacks are happening in the wild, and whether or not the Supermicro story is real, it should be a wake-up call for all of us.
Read More...
Fooled twice by the same open source problem? Shame on you. The data behind CVE-2017-8046.
2 minute read time
Organizations keep software applications safe, not by chance, but by preparation. Open source vulnerabilities like Struts 2 and Spring are going to happen, companies need continuous monitoring to
Read More...
Sonatype Statement: Struts2 and Equifax Breach
2 minute read time
Organizations like Equifax who leverage open source are responsible for practicing hygiene in a timely manner when fixes for vulnerabilities are available.
Read More...