OSS security

Streamline SCA with Sonatype's build-safe automation

Streamline SCA with Sonatype’s build-safe automation

| | automated securiy, Automation, OSS security, Software Composition Analysis, Sonatype Lifecycle, vulnerability
As open source adoption accelerates across the enterprise, so too does its complexity. Development teams are building software with hundreds of components, each carrying its own risks, release cycles, and dependencies ...
2024 Sonatype Blog

Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’

| | FEATURED, malware prevention, Nexus Firewall, OSS security, Sonatype Repository Firewall, Vulnerabilities
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
Sonatype Blog NEW 2024
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’

| | malware prevention, Nexus Firewall, OSS security, Sonatype Repository Firewall, Vulnerabilities
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
Sonatype Blog
How Top Security Teams Leverage Open Source: Nick Reva at Snap on OSS

The Power of Open-Source Security: A Deep Dive

| | Container Security, Kubernetes, Kubernetes Security, open source, OSS security, runtime protection, Security Observability, use case
Open-source software (OSS) is increasingly becoming foundational to security strategies for cutting-edge security teams. In a recent webinar hosted by Sandeep Lahane, co-founder and CEO of Deepfence, Nick Reva, Snap’s Head of ...
Deepfence

5 Key Open Source Security Risks and How to Prevent Them

| | Nexus Lifecycle, open source security risks, OSS security, shift left
  ...
Sonatype Blog