Nexus Automated GitHub Pull Request

Keep GitHub Dependencies Secure with Nexus Lifecycle’s Automated Pull Requests

As organizations seek to innovate faster and build more secure applications at scale, the one trend we are seeing is the desire to automate dependency management. In fact this trend was evident ...

Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

If the topic is speed, the subject is Sonatype. This week, Sonatype received another recognition in the form of Deloitte’s Technology Fast 500™ ranking, our fourth year on the list. The list ...
OSS for enterprises: Procure Secure Components Faster with Superior Developer Experience

It Pays to Discover Sonatype

The name of the presentation says it all: Procure Secure Components Faster with Superior Developer Experience. So announced Karthik Loganathan and Sheshagiri (Giri) Rao of Discover at the annual DevOps World | ...

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

What secrets did Toyota unlock decades ago that drive the success of today’s software supply chain? Sonatype’s Matt Howard explained during a chat with Dave Bittner on an episode of The CyberWire ...
Open Source Software Growing Rapidly

A World of Infinite Choice in Open Source Software

We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ...
Struts flaw, SAST, IAST, DAST & RASP primer, hacking planes, ATMs, and water heaters

Struts flaw, SAST, IAST, DAST & RASP primer, hacking planes, ATMs, and water heaters

We wind up the month of August with stories on the latest Apache Struts hack—bad news, if you remember Equifax—and what you need to do now to protect yourself. Plus news on ...
Black Duck By Synopsys FLIGHT 2018

Register now to join us at FLIGHT East 2018 in Boston

Every time we host a Black Duck FLIGHT conference I’m amazed at how much great information there is, how many in-depth discussions happen, and how much I learn from our customers who ...
The Apache Software Foundation can take a joke, but not when it comes to licensing

The Apache Software Foundation can take a joke, but not when it comes to licensing

The Apache Software Foundation’s legal group is an interesting microcosm in which to study open source license issues. Generally, what the Apache Software Foundation (ASF) deems good is good for companies looking ...
Black Duck Security Advisories: What you need to know

Everything you need to know about Black Duck Security Advisories

When we released Black Duck 4.4, we announced the creation of our own Black Duck Security Advisories (BDSAs). BDSAs offer a more complete and in-depth view of your vulnerabilities. Since then, many ...
Loading...