Sonatype Selected by Equifax to Support OS Governance Press Release
blog-logo Sonatype Blog

Featured Article

Better, Faster, Stronger: Nexus Lifecycle's Improved JIRA Add-on Gives Developers and AppSec Something to High-Five About

By Michelle Dufty on August 14, 2019 JIRA

Nexus Lifecycle's new JIRA add-on with violation reporting eliminates the admin overhead of managing fixes. Component fixes are assigned and tracked with one-click.

Read More...

SHARE:

Filter by:
Bas and Mo - Featured Image
READ MORE

Steps to Responsible Disclosure with Bas van Schaik, Man Yue Mo and Brian Fox

By Mark Miller on March 20, 2018 Open Source
In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.
Read More...
iStock-175197685.jpg
READ MORE

Struts2 Exploited Again.  Did Anyone Bother to Tell You?

By Brian Fox on March 10, 2017 oss

This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their inclusion of Apache commons-collection. If you

Read More...
READ MORE

Did you wake up to an alert about the Java Deserialization vulnerability?

By Brian Fox on November 13, 2015 oss

This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their inclusion of Apache commons-collection. If you

Read More...
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
About
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 5 Martin Place, Sydney, NSW 2000, Australia 
London Office - 199 Bishopsgate, London EC2M 3TY

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy