Sonatype
Sonatype
Blog Post
  • Over the past several years, the frontend JavaScript development ecosystem has been moving increasingly towards the use of dependency managers such as NPM and application bundlers such as webpack. While these are great moves for the ecosystem overall - providing automated and standardized management of third-party code along with modularity - they present some unique challenges for scanning too...

  • With Sonatype Nexus 3 we can easily get a private docker registry for a Kubernetes cluster, and an npm and maven registry for applications. This recipe shows how to deploy a docker private registry on its own domain name. At the end, Nexus will be available at nexus.YOURDOMAIN.com and the docker registry at docker.YOURDOMAIN.com.

  • Since taking on a role where I help our partners learn how to install and use our solutions I've turned my focus to making that 'easy'. Now that Sonatype offers 'official' docker images for Nexus Repository Manager and Nexus Lifecycle they were a perfect fit for my use case. Tools like docker-compose can make starting and stopping our platform as simple as docker-compose up and docker-compose d...

  • The Nexus Support Team answers questions and suggests solutions on the Nexus User List. Each Friday, we look at solutions the community found of interest.

  • Earlier this week, I had an extended conversation with an analyst at Forrester about DevSecOps. What surprised me most during the conversation was how strong the silos between development and security stood in her mind. I am not naive to think that everyone in the community has DevSecOps thinking and practices engrained in their psyche, but when it came from a supposed thought leader, ...

  • I’ve been running Docker Swarm in production for a few APIs and single page applications for a couple of months now. Here are some Docker images I’ve found generally useful. Most of these images are not specific to Docker Swarm. For each image, I’m also going to show a docker-stack.yml file that you can use to deploy the image and the settings I use for them. To deploy a Docker stac...

  • Prescribing a Software Bill of Materials: On November 16th, U.S. Congressman Greg Walden (R-OR) sent a letter to the U.S. Department of Health and Human Services (HHS) requesting they convene a sector-wide effort to establish a plan of action for creating, deploying, and leveraging software bill of materials (SBOM) to better protect the nation's healthcare systems and applications agai...

  • Endpoint change: In February 2017, npm announced plans to deprecate the existing search endpoint (GET /-/all) on September 1, 2017. The endpoint was designed at a time when the npm registry was much smaller. It worked by returning a list of all hosted packages that the client would then parse and search.

  • Yesterday, Dr. Suzanne Schwartz released a blog to update us on the FDA’s role in medical device cybersecurity.

  • In the coming months, the Nexus Lifecycle team will be implementing a new page in IQ Server, providing details on a particular policy violation. This page will be accessed from the dashboard by clicking on a result in the violations tab.

  • This article published yesterday in Gizmodo -- and this one published this morning in the Wall Street Journal shed light on what Rick Smith, former Equifax CEO, will say today to Congress when he testifies on the series of cyber security missteps that led to their recent massive hack.

  • We at Sonatype spend a lot of time talking about shifting application security and OSS governance to the left and rightfully so. Like so many other 'quality' attributes the key to going faster is to get your feedback much earlier in the process and essentially build quality in instead of trying to test/inspect it in later.
