Event: Java One 2014

Date: September 28 – October 2, 2014
Location: San Francisco, CA

Join us and the worldwide Java developer community at the largest Java based conference of the year. Java One is a must attend conference where practitioners come to learn how they can build next generation applications using Java.

Sonatype Webinar

Nexus Community Comes to Chicago

Date: September 24, 2014
Location: Chicago, IL

Calling all developers, architects, devops champions! If you are looking to optimize development performance, implement DevOps practices, take away the pain of open source governance policies - don't miss this exclusive community event for Nexus users and others interested in learning about how Nexus Component Managers support agile and DevOps goals.


Event: Appsec USA 2014

Date: September 16 -19, 2014
Location: Denver, CO

Join us at Appsec USA, the world-class software security conference located in an high energy atmosphere in downtown Denver. Appsec is a conference for developers, auditors, risk managers, technologists and entrepreneurs interested in sharing industry best practices.

Sonatype Webinar

Webinar: Open Source Development and Application Security Survey: The Results are In!

Over 3,300 participated! The final results of our 4th Annual Open Source and Application Security Survey are in. Adrian Lane from Securosis and Brian Fox from Sonatype provide a detailed breakdown of the findings from a developer and an application security perspective. They discuss policies, practices, and breaches as well as how organizations can use these results to create constructive conversations to feed their open source security management practices.


RSA Webinar: Software Liability?: The Worst Possible Idea (Except for all Others)

On-Demand Recording: Streamed Thursday, May 29, 2014

While many had hoped that market competition would influence security improvements, customers are forced to accept software as is with no alternatives. Software is responsible for our critical infrastructure, cars, medical devices and is a part of our daily lives including our well-being. Will we be able to achieve better software security without vendors facing financial consequences?

Sonatype Webinar

Webinar: Lessons Learned from Heartbleed, Struts and the Neglected 90%

On-Demand Recording: Streamed May 1st, 2014

Watch this insightful and witty discussion between two old pals, Wendy Nather, Security Research Director at 451 Research and Josh Corman, CTO at Sonatype on the state of application security today. They share their perspectives on the changing landscape of application development and how this is impacting common application security approaches. They agree the dramatic shift from source code to component based development has created an open source security gap. With component vulnerabilities becoming national news, Heartbleed, Struts and the promise of more to come, now is the time to address this growing security gap.

Sonatype Press Release

Webinar: FS-ISAC Best Practices for Managing Risk from Open Source Libraries & Components

On-Demand Recording

In December of 2013, the FS-ISAC Third Party Software Security Working Group released new controls to manage risk associated with open source libraries and components. These controls recommend financial institutions apply policy management and enforcement as well as inventory management for open source libraries and components used in their application portfolio. Webinar features Jim Routh, Aetna's Chief Security Officer and Joshua Corman, Sonatype's Chief Technology Officer.


Nexus Live: December 2013 with Tyler Jewell, CEO of Codenvy

On-Demand Recording: Streamed December 19, 2013

Watch our December Nexus Live event featuring Tyler Jewell, CEO of Codenvy. Codenvy runs a cloud based development and deployment environment in a true devops fashion. Tyler shares how Codenvy uses Nexus as part of their build pipeline.


Nexus Live: November 2013 with Kyle Allan from Riot

On-Demand Recording: Streamed November 21, 2013

We continued our DevOps focus for the month of November and were joined by Kyle Allan from Riot Games. Kyle shared how Riot Games uses Chef to install Nexus. He also shared how they are using the Nexus REST API in the command line interface and a Nexus cookbook he has open sourced. Watch the recording to learn how to extend the value of Nexus into your deployment environment.


Nexus Live: October 2013 featuring Puppet

On-Demand Recording: Streamed October 23, 2013

Learn how Hubspot.com developed a system using Puppet that provisions Nexus instances into a deployment platform in a DevOps manner.


Nexus Live: September 2013 featuring the Nexus user survey

On-Demand Recording: Streamed September 11, 2013

Watch our live panel discussions with Nexus experts where they highlight survey results from our most advanced Nexus users. Learn what development tools work with Nexus, what features users value most and see how over half of users survey are interested in extending component management beyond their repository manager.


Nexus Live: July 2013 profiling Nexus with JMX

On-Demand Recording: Streamed on July 17, 2013

Watch our July session to learn how to profile your Nexus installation with JMX and hear from the Maven creator, Jason van Zyl on the highlights of the newest Maven 3.1.0 release.


Nexus Live: June 2013 improving security, build promotion & staging

On-Demand Recording: Streamed June 19, 2013

Learn how you can extend your repository manager strategy to improve the security and quality of your applications. Find out how you can simplify your build promotion and staging with recent Nexus Pro enhancements. Also, learn how you can use Gradle to deploy components to Nexus.


Nexus Live: May 2013 focus on Repository Healthcheck

On-Demand Recording: Streamed May 31, 2013

See the most popular feature of Nexus in action, get a complete overview of the Repository Health Check to assess the health of the components in your repository. Avoid risks by reviewing popularity, license type and security vulnerabilities for every component in the repository. Also see an early preview of Nexus 2.6.


Nexus Live: April 2013 with LDAP tips & tricks

On-Demand Recording: Streamed April 26, 2013

Learn tips and tricks for using the LDAP support available in both Nexus OSS and Nexus Pro. Learn about top support issues with Nexus 2.4 and get an early preview on Nexus 2.5.


Nexus Live: March 2013 with new Nexus 2.4 features

On-Demand Recording: Streamed March 22, 2013

The top of the hour kicked off with new features of Nexus 2.4 and the rest of the hour was dedicated to live Q&A discussion with active community members and our expert panel.



Codie INC 500 Red Herring SD Times NVTC RSA Gartner