Sonatype

See the following -

Actionable Control for Open Source Components

Adrian Bridgwater | Dr. Dobb's | February 22, 2012

Sonatype has released the Nexus Professional 2.0 open-source repository manager. The new iteration now includes more "actionable" information about the open-source components used in any development project. This action-centric approach is designed to provide insights into component security and licensing.

How the Federal Reserve Bank of New York Navigates the 'Supply Chain' of Open Source Software

David Needle | Enterprise.Nxt | October 9, 2017

Large companies have divisions and subsidiaries that make efficient organizational management a challenge. Perhaps no one recognizes that more than Colin Wynd, vice president and head of the Common Service Organization at the Federal Reserve Bank of New York. Wynd is charged with ensuring that software development practices and strategy are forward-thinking and secure, and adhere to compliance regulations. Several years ago, Wynd and his team started to think more holistically about how their developer teams worked, he explained in a presentation at the recent Jenkins World conference in San Francisco...


US Congress Intervenes to Address Cyber Security Crisis with Software Supply Chain Focus; Sonatype Introduces Free Application Health Check To Support Government Agencies And Software Providers

Press Release | Sonatype | December 10, 2014

Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a free Application Health Check to immediately alert federal agencies and software suppliers about known vulnerable open source components and where they exist within an application...
