Nexus Live: April 2013 with LDAP tips & tricks

On-Demand Recording: Streamed April 26, 2013

Learn tips and tricks for using the LDAP support available in both Nexus OSS and Nexus Pro. Learn about top support issues with Nexus 2.4 and get an early preview on Nexus 2.5.

SD Times

Keeping Tabs on Open-Source Components

It’s not uncommon for a software application today to consist of 80% or more open-source components, which explains enterprises’ growing use of repository managers, solutions that help them govern what open-source components are being used by their developers.





Nexus Live: March 2013 with new Nexus 2.4 features

On-Demand Recording: Streamed March 22, 2013

The top of the hour kicked off with new features of Nexus 2.4 and the rest of the hour was dedicated to live Q&A discussion with active community members and our expert panel.

Open Source and the Software Supply Chain: A Look at Risks vs. Rewards


There is a dynamic shift occurring in the software development landscape. Applications are no longer written; today most are assembled using open source components. The growing reliance on externally sourced, open-source components as core building blocks for modern application development, coupled with the complexity of the ecosystem, has ushered in new risks for the software supply chain. This article will explore the licensing, security, and quality risks associated with component-based development and its direct impact on the integrity of the software supply chain.

News Source The H

The Ghost of a Spring Framework Bug Haunts Old Code

There are reports of the discovery of a remote code execution flaw in the Spring Framework, but many are not mentioning that the flaw in question was fixed over a year ago and that what has been found is actually a new way to exploit that old flaw. In 2011, a "variable" severity flaw, identified as CVE-2011-2730, was discovered by two researchers in versions 3.0.0 to 3.0.5, 2.5.0 to 2.5.6SEC02 and 2.5.0 to 2.5.7SR01.

News Source TechCrunch

Open Source Software: Compliance Basics And Best Practices

Startups stand on the shoulders of giants, developing proprietary applications on top of a software landscape that heavily leverages open source components. But as the saying goes, free software is not free, and using open source software requires that organizations understand the legal framework of open source.

News Source IT Canada

IT in Canada profile: Sonatype

How Sonatype helps customers: Sonatype’s Component Lifecycle Management products were designed to enable software development organizations to establish visibility and control in a complex and agile software supply chain.

News Source RedMonk

Ten Years of RedMonk

Ten years ago today the DARPA funded paper describing REST was six months old. There was no Firefox. No Eclipse Foundation. No Facebook. No Amazon Web Services. No Twitter. No LinkedIn. No YouTube. No Etsy. No Gmail. No Hadoop. No iPhone. Apple, in fact, was worth $5.143B, or about what they made every month and a half in 2012.

News Source IT Canada

Open Source Management software: riding herd on collaborative innovation

With all due respect to UC systems, SharePoint and Facebook, by far the most common manifestation of collaboration in enterprise IT is the use of open source software. Products such as Linux, Firefox, and Apache aren’t just common, they’re ubiquitous: Gartner reports that “by 2016, at least 95% of IT organizations will leverage non-trivial elements of OSS technology in their mission-critical IT portfolios.”

News Source SD Times

Security practices take focus off programmers and onto systems

Security concerns grow every day for application developers. With public-facing Web applications, mobile devices and wireless connections everywhere, sometimes software can feel as though it's being built with a target on its back. But a host of new security solutions from the likes of Denim Group, Sonatype and Veracode are attempting to rectify security concerns throughout the development process.

News Source Information Week

Maven Developer van Zyl Focuses On Code Security

It's a well-recognized fact that the earlier a security exposure is found, the less it costs to fix. Sonatype CTO Jason van Zyl wants to carry that finding out to its logical conclusion and detect and fix vulnerabilities during development.

News Source OpenShift

Nexus Repository Manager in the Cloud for Free with OpenShift

Sonatype Nexus is repository manager software that manages your software artifacts for development, deployment, and provisioning. It acts like your own central Maven repository. All the teams within an organization can download jars from Nexus and upload their team artifacts to Nexus.

