Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack

By Ilkka Turunen on December 14, 2023 vulnerabilities

3 minute read time

Sonatype covers how Ledger, a maker of hardware wallets for storing crypto, identified malicious software embedded in one of their open source packages

DevSecOps: A beginner's guide

By Aaron Linskens on December 04, 2023 shift left

6 minute read time

Explore the fundamentals of DevSecOps, its principles, practices, and the shift it represents in security within the software development life cycle

Software dependencies: A beginner's guide

By Aaron Linskens on October 27, 2023 Software Supply Chain

5 minute read time

Explore software dependencies, their two main categories of direct and transitive, and find out how to manage software dependencies at scale

Open source risk management: Safeguarding software integrity

6 minute read time

Explore open source risk management as the identification and mitigation of the security, compliance, and operational risks of using open source software

A guide for open source software (OSS) security

6 minute read time

Evaluate open source software (OSS) security to ensure safe usage of software components in software development life cycles and software supply chains

Enhancing software supply chain security: New Sonatype product capabilities

By Tara Flynn Condon on August 21, 2023 News and Views

3 minute read time

Sonatype announces the latest enhancements for Sonatype Repository Firewall, Sonatype Nexus Repository, and Sonatype Lifecycle.

A closer look: Differentiating software vulnerabilities and malware

By Aaron Linskens on July 11, 2023 vulnerabilities

7 minute read time

Vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain

7 software license types explained: Open source and closed source

By Crystal Derakhshan on April 26, 2023 Open Source

7 minute read time

Navigate the complexities of software licenses with this comprehensive guide. Explore their differences, implications, & management strategies.

Sonatype Lifecycle enhancements boost speed, security, and productivity

6 minute read time

Sonatype Lifecycle’s new feature enhancements elevate security posture, developer productivity, and operational excellence. Read on for the full details.