Sonatype Logo dark

Platform
- Products
- Why Sonatype
- Accelerate Pipelines with the World's Leading Artifact Repository Manager
  
  Try It Free
- Explore solutions for you
Solutions
- OSS Management
- Developer Solutions
- Industry
- Sonatype Named a Leader in Forrester Wave™ for SCA Software
  
  Read Report
Pricing
Resources
- Resources
- Customer Resources
- Developer Community
- Explore The Latest Research on AI Component Analysis
  
  Watch On-Demand
Company
- Company
  - About
  - Customer Stories
  - Events
  - Newsroom
  - Careers
  - Blog
  - Contact Us
- Partners
- Contact Us
  
  Speak to a Software Supply Chain Expert
  
  Contact Us
Login Contact Us Book a Demo

Login Contact Us Book a Demo

This is a search field with an auto-suggest feature attached.

There are no suggestions because the search field is empty.

devzone Posts

Filters

Search

Topics

AI

Application Security

DevOps

Malware & Vulnerabilities

Regulations & Compliance

SBOM

Software Development

featured image for A Guide for Open Source Software (OSS) Security

Blog Post

A Guide for Open Source Software (OSS) Security

Read More

featured image for The Impact of Automating Open Source Dependency Management

Blog Post

The Impact of Automating Open Source Dependency Management

Read More

featured image for SBOM, VDR, and Maven: Transforming the Apache Logging Experience to a Common Pattern

Blog Post

SBOM, VDR, and Maven: Transforming the Apache Logging Experience to a Common Pattern

Read More

featured image for Comparing and Converting between SBOM Formats

Blog Post

Comparing and Converting between SBOM Formats

Read More

featured image for npm Packages Spread 'Bladeroid' Crypto-Stealer, Hijack Your Instagram

Blog Post

npm Packages Spread 'Bladeroid' Crypto-Stealer, Hijack Your Instagram

Read More

featured image for The Curious Case of 'csrf-magic': A Case Study in Supply Chain Poisoning

Blog Post

The Curious Case of 'csrf-magic': A Case Study in Supply Chain Poisoning

Read More

featured image for Malicious PyPI Package 'VMConnect' Imitates VMware vSphere Connector Module

Blog Post

Malicious PyPI Package 'VMConnect' Imitates VMware vSphere Connector Module

Read More

featured image for Getting Started with the Secure Software Development Framework (SSDF)

Blog Post

Getting Started with the Secure Software Development Framework (SSDF)

Read More

featured image for

Blog Post

"Quoi...? Feur" from Meme to Malware – PyPI Package Targets Windows with 'NullRAT' Info-Stealer

Read More

featured image for A Closer Look: Differentiating Software Vulnerabilities and Malware

Blog Post

A Closer Look: Differentiating Software Vulnerabilities and Malware

Read More

featured image for npm Manifest Confusion - What Is It and Do You Really Need to Worry about It?

Blog Post

npm Manifest Confusion - What Is It and Do You Really Need to Worry about It?

Read More

featured image for How to Measure the Maturity of Your Software Supply Chain

Blog Post

How to Measure the Maturity of Your Software Supply Chain

Read More

1
2
3
...
14

Platform

Nexus One Pricing Nexus Repository Repository Firewall Lifecycle SBOM Manager Maven Central

Why Sonatype

Compare Sonatype Open Source Intelligence Best SCA Tools Best Malware Protection Tools Best Artifact Repository Solutions Best SBOM Compliance Solutions

Resources

Resources Center Blog Product Tours Webinars Customer Stories Analyst Reports Research

Developer

Integrations All Day DevOps (ADDO) Free Nexus Repo Download Sonatype OSS Index MCP Server

Customer Resources

My Sonatype Documentation Support Training & Workshops

Company

About Careers Partners Newsroom

Contact Us

X social logo
LinkedIn social logo
Facebook social logo
YouTube social logo
GitHub social logo

Terms of Service
Privacy Policy
Modern Slavery Statement
Event Terms and Conditions
Do Not Sell My Personal Information
Cookie Preferences
Trust Center

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.