Skip to content

Sonatype Blog
Syndicate content
Updated: 9 hours 51 min ago

The Two-Minute Open Source Risk Assessment

Tue, 10/21/2014 - 23:15
In two minutes, we can show you if there are any open source risks within your Java application.  And it’s free. That’s right, at Sonatype, we could not be more in favor of the code reuse that occurs millions of times a day thanks to the availability of open source and third-party components.  At...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

TheNexus: A Community Project

Mon, 10/20/2014 - 22:39
With over 42,000 Nexus instances deployed at enterprises around the world, we thought it was time to setup a community based around our products: Nexus and CLM. Earlier this month, we launched the TheNEXUS Community, including exclusive members only content  — where we are already over 700...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Nexus Live, October 2014 – Gene Kim, Josh Corman, TheNEXUS

Thu, 10/09/2014 - 20:41
During the October 2014 broadcast of Nexus Live we were able to catch up with Gene Kim and Josh Corman to find out what’s in store for the DevOps Enterprise Summit in the Bay Area at the end of the month. We also took a quick look at TheNEXUS, the new community site for Nexus, […]

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

npm registry support for all!

Tue, 10/07/2014 - 16:36
Continuing our commitment to the open source community we are taking Nexus OSS to another level. After adding NuGet support in Nexus 2.9 for FREE in Nexus OSS (a long time paid feature of Nexus Professional) our engineering team is at it again. I remember when we created the issue tracker ticket to...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Why Attend the DevOps Enterprise Summit?

Thu, 10/02/2014 - 07:54
Major enterprises are embracing DevOps. The DevOps Enterprise Summit is bringing together top practitioners who are leading DevOps transformations in large, complex organizations. It is a three-day conference on October 21-23, where leaders share their lessons learned, spanning culture,...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Nexus OSS Meets NuGet

Tue, 09/30/2014 - 01:00
The NuGet package manager has become the standard for developing software on the Microsoft platform which includes.NET and the NuGet Gallery that has emerged as a large public open source package repository. Sonatype Nexus, on the other hand, is the standard repository or component manager software...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Bash 2014 – This Is Not a Party

Thu, 09/25/2014 - 22:58
I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and Shellshock in a fashion similar to tropical storms, but if it gets more people to pay attention to the...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

What Happened Sept 16th?

Tue, 09/23/2014 - 17:15
We led an invasion last week armed with a flying drone, glowing lightsabers, and the latest knowledge on open source security vulnerabilities. Our mission? Lead, share, educate, moderate, and have some fun. Our coordinates? This year’s AppSecUSA 2014 event in Denver, Colorado. If you were...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Skeleton Key

Fri, 09/19/2014 - 18:14
A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of their conference was “think like a bad guy”. They introduced us to known hackers, their approaches to...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

11,000 Voices

Tue, 09/16/2014 - 20:33
This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the event this Thursday. If you will be at the event, please come by the session or the Sonatype booth...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Time for Full Open Source Disclosure

Fri, 09/12/2014 - 15:31
We are not the first industry to face this challenge. But many are convinced our problem is much smaller than it really is or that it does not exist. They simply ignore it. Or choose to do nothing about it. Meanwhile, the problem is multiplying like rabbits. The challenge lies within our...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Gartner Goes Development-Centric

Thu, 09/11/2014 - 16:38
Recently, Gartner published a new research report that says by 2016, “the vast majority of mainstream IT organizations will leverage nontrivial elements of open source software (directly or indirectly) in mission- critical IT solutions. However, most will fail to effectively manage these assets in...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Nexus 3.0 Technology Preview (Milestone 1 Release)

Thu, 09/04/2014 - 17:15
The Nexus development team at Sonatype is pleased to announce the release of the first milestone build (M1) of Nexus 3. This release is a technology preview covering the open source version, Nexus OSS, focused specifically on the new user interface. Nexus Pro will be covered in the upcoming M2...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies

Integrating with SonarQube

Wed, 08/27/2014 - 22:26
Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing interest from our customers, we are introducing our next important milestone:...

To read more, visit our blog at blog.sonatype.com.
Categories: Companies