Nexus Lifecycle

Exploited Ivanti Connect SSRF vulnerability traced back to 'xmltooling' OSS library

Exploited Ivanti Connect SSRF vulnerability traced back to ‘xmltooling’ OSS library

| | DevZone, FEATURED, Nexus Lifecycle, Vulnerabilities, vulnerability
Over the past few weeks, vulnerabilities in proprietary Ivanti products, in particular Ivanti Connect Secure, Policy Secure, and ZTA gateways, have been making headlines for their active exploitation in the wild ...
Sonatype Blog
Sonatype Lifecycle Enhancements Boost Speed, Security, and Productivity

Sonatype Lifecycle Enhancements Boost Speed, Security, and Productivity

| | Lifecycle Cloud, Nexus Lifecycle, Nexus Platform, open source, secure software supply chain
  ...
Sonatype Blog
Sonatype's SBOM Generation Capabilities Outpace the Competition

Sonatype’s SBOM Generation Capabilities Outpace the Competition

| | BOM Doctor, Nexus Lifecycle, SBOM, secure software supply chain, software bill of materials, Sonatype Safety Rating
  ...
Sonatype Blog
Sonatype Nexus Lifecycle Boosts Open Source Security and Dependency Management

Sonatype Nexus Lifecycle Boosts Open Source Security and Dependency Management

| | Nexus Lifecycle, Nexus Platform, open source, secure software supply chain
  ...
Sonatype Blog

Developers Need Two Things: The Nexus Platform and a Full Pot of Coffee

| | Nexus Firewall, Nexus Lifecycle, Nexus Platform
  ...
Sonatype Blog

5 Key Open Source Security Risks and How to Prevent Them

| | Nexus Lifecycle, open source security risks, OSS security, shift left
  ...
Sonatype Blog

The No-Fix Mediums? Not Having a High Priority Doesn’t Mean Low Danger

| | BOM Doctor, CVE, Nexus Lifecycle, State of the Software Supply Chain, Vulnerabilities
Development teams are using more and more open source component software every day. These components are developed and maintained outside of your organization, and are often analyzed by researchers and the software ...
Sonatype Blog

Despite What Some Vendors Say, Please Don’t Ignore Log4j

| | DevZone, Log4j, Nexus Lifecycle, Vulnerabilities
Mirroring the explosive growth of open source software, analysis around open source vulnerabilities continues to dominate headlines. However, in an alarming trend, many security vendors have begun citing stats that downplay risk ...
Sonatype Blog

Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices – Part 1

| | CISA best practices, Cybersecurity, Nexus Firewall, Nexus Lifecycle, Nexus Platform, nexus repository manager, secure software supply chain
  ...
Sonatype Blog

Open source licensing shift: Fedora blocks Creative Commons CC0

| | Advanced Legal Pack, license, Nexus Lifecycle, open source
Even organizations that are fully dedicated to software development don’t want to spend their time and competitive energy chasing software compliance. But ignoring changing legal requirements is dangerous ...
Sonatype Blog
Load more