Skip Navigation

Enhancing software supply chain security: New Sonatype product capabilities

By Tara Flynn Condon on August 21, 2023 News and Views

3 minute read time

Sonatype announces the latest enhancements for Sonatype Repository Firewall, Sonatype Nexus Repository, and Sonatype Lifecycle.
Read More...

Arming the defender force and securing the software supply chain: Helping developers implement CISA best practices - Part 1

By Eric Hill on September 19, 2022 secure software supply chain

4 minute read time

Sonatype's Nexus Platform helps give DevSecOps practitioners the tools they need to help secure the software supply chain against malicious cyber attacks.
Read More...

CVE-2022-31289: Neither bug nor vulnerability

By Michael Prescott on June 16, 2022 vulnerability

3 minute read time

A recent report of a Nexus Repository vulnerability is not a security concern and no software update is required. A look at issue and similar concerns.
Read More...

New Sonatype Nexus Repository Visualizer provides insights into Log4j usage

By Chris Good on December 30, 2021 featured

4 minute read time

Vulnerable Log4j components are still in active use. New functionality available for Sonatype's Nexus Repository monitors and helps address these issues.
Read More...

How DevOps at scale and tool onboarding relate

By Fred Jonkhart on November 29, 2021 Devops

12 minute read time

Supporting developers in their DevOps transformation means more than just access to services. A look enterprise CI/CD efforts at ABN AMRO.
Read More...

Update to CVE-2019-7238 in Nexus Repository Manager 3

By Brent Kostak on April 12, 2021 Nexus Repository 3

1 minute read time

An article was brought to our attention that suggests a new attack tactic is targeting an old vulnerability in NXRM, CVE-2019-7238.
Read More...

Sonatype Nexus Repository 3.30: Microsoft Azure Blob Storage support for expanded cloud deployments

By Brent Kostak on March 15, 2021 Product

4 minute read time

Sonatype Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud Platform.
Read More...

Sonatype releases new Sonatype Repository Firewall policy to secure software supply chains from "dependency confusion" attacks

By Brent Kostak on March 04, 2021 featured

5 minute read time

Sonatype’s new Dependency Confusion Policy Protection using Nexus Firewall and Nexus Repository can now automate dependency confusion protection at scale
Read More...

Namespace confusion: Minimizing risk with Sonatype Nexus Repository

By Michael Prescott on February 10, 2021 namespace

3 minute read time

Nexus Repository (NXRM) can help minimize your risk against namespace confusion with a feature called repository routing rules.
Read More...