Product
Update to CVE-2019-7238 in Nexus Repository Manager 3
Today, an article was brought to our attention that suggests a new attack tactic was targeting an old vulnerability in Nexus Repository Manager 3 (NXRM) - CVE-2019-7238. ...
Extending NDR visibility in AWS IaaS
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams ...
A Layered Approach to Bot Detection and ATO Prevention
Learn about two layers in user and account defense, and how deploying Castle gives you a single solution that improves security and reduces user friction ...
Exchange exploitation and architecting for visibility
By Alex Kirk, Corelight Global Principal for Suricata The new Microsoft Exchange vulnerabilities disclosed earlier this month highlight the importance of architecting for security visibility on the network. At most organizations the ...
Secure What You Build and Where You Run It: Say Hello to the Infrastructure as Code Pack for Nexus Lifecycle
What is the IaC Pack and Why Should You Care? The Infrastructure as Code Pack is a new add-on to Nexus Lifecycle that enables developers to easily find and fix security vulnerabilities ...
Understanding Nexus Container: 5 Technologies You Need for Full Life Cycle Container Security
“Containers are changing the data center the same way containers changed global trade.” – Jim Zemlin, Executive Director, Linux Foundation ...
Why Sonatype is Acquiring MuseDev
Ask any software developer, and they will tell you the truth about two things: Conventional code analysis and application security tools are overly noisy and generally not well integrated into the developer ...
New in Nexus Repository 3.30: Microsoft Azure Blob Storage Support for Expanded Cloud Platform Deployments
We are excited to announce Azure Blob Storage support with Nexus Repository Pro available in 3.30 release! Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud ...
Translating query into action
By Vince Stoffer, Senior Director, Product Management, Corelight One of the most important aspects of threat hunting is having a place to start. A question, a theory, or a hunch often begins ...
Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from “Dependency Confusion” Attacks
As news continues to cascade on a recent dependency hijacking software supply chain attack, detection of dependency confusion, a.k.a. namespace confusion, copycat packages are on the rise. These counterfeit packages, presenting the ...
