Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

What Constitutes a Software Supply Chain Attack?

By Ax Sharma on August 03, 2021 vulnerabilities
ENISA feels the term software supply chain attack is overused, so what does constitute a supply chain attack?

Kaseya Ransomware: a Software Supply Chain Attack or Not?

By Matt Howard on July 06, 2021 vulnerabilities
As companies scramble to address and resolve this devastating attack, we look at what makes a supply chain and what it takes to address upstream attacks.

Biden Executive Order on Cybersecurity Calls for Enhanced Software Supply Chain Security

Biden's Cybersecurity Executive Order mandates software supply chain security and secure development practices, including creating a software bill of materials for all applications.

The SolarWinds Software Supply Chain Attack: How Developers Can Protect Applications

By Derek Weeks on December 22, 2020 vulnerabilities
The SolarWinds software supply chain attack has made it clear that open source developers need to act now and intelligently manage third party dependencies to protect their apps.

Introducing our 2020 State of the Software Supply Chain Report

By Derek Weeks on August 12, 2020 Software Supply Chains
Sonatype's 2020 State of the Software Supply Chain Report shows that faster innovation and better risk management do not have to be mutually exclusive.

Want to Understand Software Supply Chains? Ask Red Hat

By Matt Howard on September 01, 2017 Red Hat
Want to learn about automating and scaling modern software supply chains? Ask our friends at Red Hat. They know what they're talking about.

Internet of Things Cybersecurity Improvement Act of 2017

By Derek Weeks on August 01, 2017 open source governance

2017 State of the Software Supply Chain Report

By Wayne Jackson on July 17, 2017 Docker
Today, Sonatype introduces its third annual State of the Software Supply Chain report.