Nexus Live: October 2013 featuring Puppet

On-Demand Recording: Streamed October 23, 2013

Learn how Hubspot.com developed a system using Puppet that provisions Nexus instances into a deployment platform in a DevOps manner.

Sonatype Reduces Licensing Risks With New Update to NuGet and Visual Studio

FULTON, MD. – Sept. 9, 2013 – Sonatype, a software company dedicated to enabling developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today announced an update to both the NuGet gallery and Visual Studio 2013 add-in that provides license data associated with each NuGet package based on the Sonatype Component Lifecycle Management (CLM) platform.

Myths and Misconceptions on Securing Open-source Software

Agile security expert Ryan Berg addresses the common myths and misconceptions of securing open-source software and offers practical tips on how to build in security throughout the software development lifecycle – from design, development and deployment through to production.

Nexus Live: September 2013 featuring the Nexus user survey

On-Demand Recording: Streamed September 11, 2013

Watch our live panel discussions with Nexus experts where they highlight survey results from our most advanced Nexus users. Learn what development tools work with Nexus, what features users value most, and see how over half of users surveyed are interested in extending component management beyond their repository manager.

Nexus Live: July 2013 profiling Nexus with JMX

On-Demand Recording: Streamed on July 17, 2013

Watch our July session to learn how to profile your Nexus installation with JMX and hear from the Maven creator, Jason van Zyl, on the highlights of the newest Maven 3.1.0 release.

Nexus Live: June 2013 improving security, build promotion & staging

On-Demand Recording: Streamed June 19, 2013

Learn how you can extend your repository manager strategy to improve the security and quality of your applications. Find out how you can simplify your build promotion and staging with recent Nexus Pro enhancements. Also, learn how you can use Gradle to deploy components to Nexus.

Nexus Live: May 2013 focus on Repository Healthcheck

On-Demand Recording: Streamed May 31, 2013

See the most popular feature of Nexus in action and get a complete overview of the Repository Health Check to assess the health of the components in your repository. Avoid risks by reviewing popularity, license type and security vulnerabilities for every component in the repository. Also see an early preview of Nexus 2.6.

Sonatype Named Emerging Company of the Year by Technology Council of Maryland

ROCKVILLE, Md.--May 17, 2013 - The Tech Council of Maryland (TCM), Maryland’s largest technology trade association with more than 400 biotechnology and technology members employing more than 200,000 in the region, last night announced the winners of its 2013 TCM Awards naming Sonatype the Emerging Company of the Year.

Help Net Security

The insecurity of the component lifecycle

Open source component use continues to skyrocket with applications now more than 80 percent component-based, while at the same time organizations continue to struggle with establishing policy to secure and govern component use. According to the Sonatype survey, 76 percent of organizations have no component management policies in place.

Infosecurity Magazine

Three-fourths of organizations lack app component policy

When it comes to developing applications, open-source component use continues to skyrocket. And like operating systems or databases, open-source components represent a rich attack vector for hackers to exploit given their commonality across organizations and applications.

SD Times

Sonatype ushers in new era of application security aimed at eliminating risk in the modern software supply chain

Sonatype, the leader in Component Lifecycle Management (CLM), today introduced a revolutionary new approach to application security which significantly reduces the risk in using freely available, open source software (OSS) components. Sonatype CLM is the first and only solution to secure the entire component lifecycle – from design, development and deployment through production operations.

Awards

Codie, INC 500, Red Herring, SD Times, NVTC, RSA, Gartner