The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked

Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ... Read More

Scale up your enterprise with Docker Subdomain Routing

News and Views
Docker is an open source platform that came to life in 2014 and was recently rated the most loved/wanted tool by developers according to a StackExchange survey. But it’s not just developer preference. In the last two years, the percentage of enterprises with more than half of their containers running ... Read More

Smarter policy and advanced component search with Nexus Lifecycle updates

In March, we talked about improvements to the Nexus Lifecycle policy tools and waivers. This month we’ve taken another step forward with better policy and waiver controls. This update helps development teams manage open source software components more easily across their projects ... Read More

Take Control of Your InnerSource Components with InnerSource Insight

Today, Sonatype announced “InnerSource Insight,” an industry-first capability within Nexus Lifecycle that makes it easier and safer for developers to use components developed by others within their organization ... Read More

New Developer Tools for Open Source Dependency Management

Sonatype's focus on developers brings more insights into software dependencies, clearer policy exceptions, and support for PHP users. This Nexus platform update will help developers more easily remediate vulnerable open source usage across their projects ... Read More

Scale Developer Security with Expanded Nexus Platform Features

FEATURED, Nexus Firewall, Product
We are in the midst of a wave of low-cost, high-damage techniques by hackers in the wild. Bad actors are finding easy, inventive, and well-disguised ways around common security measures by targeting the open source building blocks of software. These include typosquatting, dependency confusion, and malware injection, of which ... Read More

How to Protect Yourself Against Trojan Source Unicode Attacks with Nexus Firewall

Open source ecosystems and the tools that developers use have seen increasing attacks over the past three to four years, with so many “novel” attack vectors coming to fruition in 2021. In November, researchers at the University of Cambridge found yet another way to invade the open source community, called ... Read More

New Nexus Lifecycle Enhancements Deliver Faster Remediation Experience

Upgrading components within your project can be a tricky process. DevOps, AppSec and legal teams need to consider multiple variables before upgrading: ... Read More

New Nexus Firewall Release with Developer-First Enhancements

Nexus Firewall, open source, Product
Due to an increase in large-scale attacks focused on developers, it’s crucial for businesses to secure their software development lifecycle ... Read More