Take control of your InnerSource components with InnerSource Insight
Today, Sonatype announced "InnerSource Insight," an industry-first capability within Sonatype Lifecycle that makes it easier and safer for developers to use components developed by others within their organization ... Read More
The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked
Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ... Read More
Scale up your enterprise with Docker Subdomain Routing
Docker is an open source platform that came to life in 2014 and was recently rated the most loved/wanted tool by developers according to a StackExchange survey. But it’s not just developer preference. In the last two years, the percentage of enterprises with more than half of their containers running ... Read More
Smarter policy and advanced component search with Nexus Lifecycle updates
In March, we talked about improvements to the Nexus Lifecycle policy tools and waivers. This month we’ve taken another step forward with better policy and waiver controls. This update helps development teams manage open source software components more easily across their projects ... Read More
Take Control of Your InnerSource Components with InnerSource Insight
Today, Sonatype announced “InnerSource Insight,” an industry-first capability within Nexus Lifecycle that makes it easier and safer for developers to use components developed by others within their organization ... Read More
New Developer Tools for Open Source Dependency Management
Sonatype's focus on developers brings more insights into software dependencies, clearer policy exceptions, and support for PHP users. This Nexus platform update will help developers more easily remediate vulnerable open source usage across their projects ... Read More
Scale Developer Security with Expanded Nexus Platform Features
We are in the midst of a wave of low-cost, high damage techniques by hackers in the wild. Bad actors are finding easy, inventive, and well-disguised ways around common security measures by targeting the open source building blocks of software. These include typosquatting, dependency confusion, and malware injection, of which ... Read More
New Nexus Repository Visualizer Provides Insights into Log4j Usage
Approx read time: 3.5 mins ... Read More
How to Protect Yourself Against Trojan Source Unicode Attacks with Nexus Firewall
Open source ecosystems and the tools that developers use have seen increasing attacks over the past three to four years, with so many “novel” attack vectors coming to fruition in 2021. In November, researchers at the University of Cambridge found yet another way to invade the open source community, called ... Read More
New Nexus Lifecycle Enhancements Deliver Faster Remediation Experience
Upgrading components within your project can be a tricky process. DevOps, AppSec and legal teams need to consider multiple variables before upgrading: ... Read More