Featured Article

More Than 200 Cryptomining Packages Flood npm and PyPI Registry

By Ax Sharma on August 19, 2022 vulnerabilities

More than 200 malicious packages have flooded npm and PyPI registries to install cryptominers on Linux hosts.

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

4 minute read time

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

5 minute read time

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

Code, Cars, and Congress: A Time for Cyber Supply Chain Management (1 of 3)

5 minute read time

Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
READ MORE

Part 3: The Internet of Everything: Code, Cars, and More

3 minute read time

In part two of my blog 'A Closer Look at Today's Software Supply Chain', I discussed why human-speed supply chain management can’t keep pace with today’s agile software development practices and why

Read More...
READ MORE

Are You Choosing the "Right" Component?

4 minute read time

In our recent open source developer survey we asked, what are the TOP FOUR characteristics considered when selecting a component? And since components are the building blocks used when creating an

Read More...
READ MORE

Part 1: The Internet of Everything: Code, Cars, and More

3 minute read time

Just like automobile manufacturers, software “manufacturers” need to apply supply chain management principles for both efficiency and quality. They need to be prepared to conduct a rapid and
Read More...
READ MORE

Stewing Over Software Ingredients

3 minute read time

Just the other day I was planning dinner for my family and thought it would be a great idea to bust out the Dutch oven I had to have, but rarely use, and make a nice stew. I ran to the grocery store

Read More...
READ MORE

Open source components, a fine vintage or sour milk?

2 minute read time

The U.S. recently overtook France as the world’s largest wine market. And here at Sonatype, we can proudly say we’ve contributed to this achievement. By not only consuming our fair share of wine but

Read More...
READ MORE

Securosis Dives Deep into our 2014 Survey

3 minute read time

There are two ways to motivate others to action: emotional appeal and fact based analysis. Our 2014 Open Source and Application Security survey results touched on both. We've run this survey for the

Read More...
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Modern Slavery Statement    Event Terms and Conditions   Do Not Sell My Personal Information