Need Immediate Help?

Nexus OSS

Deserialization - Featured Image

The Latest Victim of Deserialization-Gate

Last week the world was hit with what can be awarded the Vulnerability Of The Day for Java – the commons-collections deserialization vulnerability. The latest victim of the continued series of vulnerabilities comes from the Spring project with an implicating class that allows the same unsafe deserialisation vector in the spring-core. What makes this issue particularly

Extensions and Plugins

Nexus and Docker

Premium Private Registry for Docker

Before rolling Docker into production, users are demanding access to private registries to securely store and manage their Docker images. With private repositories, you can provide secure, role-based access controls and have a clean chain of custody to ensure what you build is what you deploy. Watch as Chris Riley, DevOps analyst at Fixate and

The Q&A Corner

Author, Ilkka Turunen

Nexus and SSL

For updates on articles and resources, follow @TSWAlliance on Twitter Today’s topic comes from an interesting conversation I had with a customer about SSL certificates that can be used to secure Nexus and serve it via HTTPS. Though HTTPS should be the cornerstone in securing any web service, I thought it useful to answer small

Engineering Team: Thoughts

Nexus Firewall

The Nexus Firewall – Perimeter Defense for Software Development

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at modern development velocities. You can respond by leveraging automation in your repository manager to improve application quality and reduce rework while lowering exposure to risk. (Download pdf version of this article for offline reading.)


Nexus Engineering Team

What’s up Doc(ker): Nexus Repository Manager v3 Milestone 6 Release

We, on the Nexus team, are pleased to announce the arrival of the Nexus Repository Manager v3 Milestone 6 release! What’s new Milestone 6 of the Nexus Repository Manager v3 includes:   improvements to our Docker repository format capabilities that include the v2 format the addition of npm repository format capabilities, including the ability to

Guest Authors

Andrew Janke

Documenting for and WITH the Nexus Community

Now that I am back from OSCON and the Community Leadership Summit, I am catching up on some of the day to day community work. One important aspect is providing all Nexus users and beyond useful documentation and other related free assets like the numerous videos we recorded like: Nexus and Nexus Lifecycle: Tips from

Nexus Pro/CLM

Author, Ilkka Turunen

Using the REST API in Nexus 2.x

I’ve recently received a few questions asking how the deployment of Nexus can be automated as much as is possible by using configuration management tools such as Chef, Puppet, Saltstack, Docker, etc. This is common in a scenario where you may want to set up multiple Nexuses with defined repository structures and pre-installed license keys.

How We Do It

Mark Kilby and Jeffry Hesse

Talking the Talk – Focus on Goals, not Best Practices (Part 2)

by Mark Kilby and Jeffry Hesse In our last blog post, we discussed how it’s better to set process goals versus best practices across teams in your organization.  We’d like to continue that thought by discussing another goal we set for our distributed teams: Talking Daily.  This goal definitely aligns with principles of the Agile


Security and DevOps

Who Let Security into DevOps? [Video]

Here’s an interesting video of Dan Lamorena talking with Daniel Miessler, Josh Corman and Paul Muller about the inclusion of security into DevOps. Lots of talk about Deming, software supply chains and how the boundaries between security, development and operations are being broken down. Follow @TSWAlliance on twitter for more video updates.

Become a Member

Are you a current user of: