Sonatype Says articles

Author, Derek Weeks

Better and Fewer Suppliers (2015 Software Supply Chain Report)

That Supplier is Better For You

Since releasing the 2015 State of the Software Supply Chain Report, there has been a lot of great discussion across the industry on best practices for managing the complexity introduced by the volume and velocity of the components used across your software supply chain. Today I want to focus

Author, Derek Weeks

The 2015 State of the Software Supply Chain Report

In April of this year, I embarked on a six-week journey diving deep into an analysis of the world’s software supply chains.  I evaluated the practices of 106,000 organizations, the 100,000+ suppliers they relied on, and the billions of software components that fueled their agile, continuous delivery and DevOps practices. The facts I discovered and

Author, Derek Weeks

Nexus Lifecycle and Atlassian Bamboo: Improve Your Builds

Sonatype Lifecycle now provides native Atlassian Bamboo support to improve the quality of your build outputs. Sonatype provides instant analysis of open source components used in every Bamboo build and alerts development teams to any quality, license, or security issues identified.  By catching the issues during CI builds, development teams can quickly address open source

SonarQube + Nexus Lifecycle.

Integrating SonarQube with Nexus Lifecycle

Many development organizations we work with have turned to SonarQube as a dashboard to visualize and measure their code quality. Customers using Nexus Lifecycle (formerly CLM) want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing

Damon Edwards

Nexus and RunDeck: Tools for DevOps

In this Throw Back Thursday (TBT) Nexus Live Broadcast, Damon Edwards and his team from SimplifyOps introduced us to RunDeck, open source software that helps automate routine operational procedures in data center or cloud environments. He is seeing Nexus in many of his enterprise environments, so I thought it would be interesting to get an overview

Author, Manfred Moser

Nexus OSS Meets NuGet

The NuGet package manager has become the standard for developing software on the Microsoft platform, which includes .NET and the NuGet Gallery that has emerged as a large public open source package repository. Sonatype Nexus, on the other hand, is the standard repository or component manager software running on servers from small open source projects and teams

Author, Derek Weeks

How a Software Bill of Materials Uncovers Known Vulnerabilities

In two minutes, we can show you a full software bill of materials for your application.  We can also identify any known vulnerabilities in the open source and third-party components within your Java application.  Oh, and by the way, it’s free. That’s right, at Sonatype, we could not be more in favor of the code

Author, Derek Weeks

Real World Experiences: Blackboard

As part of a new series we’re calling ‘Real World Experiences’ we’ll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time to market and better quality software, all while being more secure. We kick off the series covering Blackboard, the world’s leading education technology company. Blackboard challenges conventional thinking and
