WHITE PAPER: For quite some time, security has been viewed as an obstacle to productivity. The reality is that security and productivity can not only coexist but also complement each other when the right tools and processes are in place. Access the white paper to learn how.

Posted: 09 May 2023 | Published: 09 May 2023

ANALYST REPORT: The ever-increasing reliance on open source software exposes businesses to software supply chain risks. By understanding the key issues in software supply chain security and implementing end-to-end visibility, transparency, and tracking, companies can effectively prevent costly cyberattacks and protect their operations.

Posted: 18 Apr 2023 | Published: 18 Apr 2023

ANALYST REPORT: Sonatype’s eighth annual State of the Software Supply Chain Report blends a broad set of public and proprietary data and analysis. This year’s report also analyzed operational supply, demand and security trends associated with the Java (Maven Central), JavaScript (npmjs), Python (PyPI), and .Net (nuget) ecosystems.

Posted: 18 Apr 2023 | Published: 18 Apr 2023

BLOG: Discover the risks of ignoring vulnerabilities in your software supply chain and learn vital strategies for enhanced security. Sonatype's Dr. Stephen Magill underscores automated monitoring, remediation, and developer collaboration as crucial for improved protection.

Posted: 18 Apr 2023 | Published: 18 Apr 2023

BLOG: How can organizations combat these supply chain attacks that continue to grow in sophistication? Read this blog post to learn how Sonatype’s repository Firewall can help you do so using AI algorithms that detect behavior or contents that are not normal for the project or its ecosystem.

Posted: 18 Apr 2023 | Published: 18 Apr 2023

BLOG: The volume of open-source packages continues to rise and thus, the risk insecure components finding their way into software supply chains. Here are the top ten most common mistakes.

Posted: 18 Apr 2023 | Published: 18 Apr 2023

CASE STUDY: Access this case study to learn how Equifax achieved a security transformation through Sonatype Nexus Life cycle and Nexus Repository.

Posted: 26 Nov 2021 | Published: 08 Sep 2020

EGUIDE: Security in DevOps, aptly named DevSecOps, is something that your development organization is going to have to deal with soon. This e-guide is your primer to bringing these two departments together when they come from such different perspectives. Learn how to improve collaboration, incorporate security earlier in development, and more.

Posted: 08 May 2017 | Published: 04 May 2017

EGUIDE: Open source software may be all the rage right now as the DevOps movement advances, but it's important to keep track of it carefully for licensing and security purposes. Continue reading this eGuide for information on how to accurately track your open source software, and the steps you should take to avoid licensing fees.

Posted: 28 Apr 2017 | Published: 28 Apr 2017