Michelle Dufty

Sonatype Blog

Developers are continuing to leverage containers to reliably move software applications between environments, making them an integral part of every DevOps pipeline. In fact, according to Sonatype’s 2019 State of the Software Supply Chain Report, there are more than 2.2 million containerized applications housed in Docker Hub— up from 900,000 ... Read More

As organizations seek to innovate faster and build more secure applications at scale, the one trend we are seeing is the desire to automate dependency management. In fact this trend was evident in our 2019 State of the Software Supply Chain Report where we analyzed 36,203 open source components from ... Read More

As more and more software development teams move to the cloud, it is now more important than ever to ensure that only the best open source components make it into a final application. With a 71% increase in open source related breaches within the last 5 years and over 21,000 ... Read More

In today’s world, we know that most security breaches occur because of application vulnerabilities. We also know that most typical software applications are, on average, comprised of 85% open source software. These facts are changing the way enterprises are thinking about security overall, and makes open source libraries a critical ... Read More

We’re happy to announce another helpful integration for Nexus Lifecycle -- our new and improved Nexus IQ Add-on for JIRA! Anyone involved in the product development process knows just how critical Atlassian’s tools (and similar tooling) are, for, well...product development. JIRA, in particular, helps teams -- from engineering managers to ... Read More