Sonatype
See the following -
Actionable Control for Open Source Components
Sonatype has released the Nexus Professional 2.0 open-source repository manager. The new iteration now includes more "actionable" information about the open-source components used in any development project. This action-centric approach is designed to provide insights into component security and licensing. Read More »
- Login to post comments
How the Federal Reserve Bank of New York Navigates the 'Supply Chain' of Open Source Software
Large companies have divisions and subsidiaries that make efficient organizational management a challenge. Perhaps no one recognizes that more than Colin Wynd, vice president and head of the Common Service Organization at the Federal Reserve Bank of New York. Wynd is charged with ensuring that software development practices and strategy are forward-thinking and secure, and adhere to compliance regulations. Several years ago, Wynd and his team started to think more holistically about how their developer teams worked, he explained in a presentation at the recent Jenkins World conference in San Francisco...
- Login to post comments
US Congress Intervenes to Address Cyber Security Crisis with Software Supply Chain Focus; Sonatype Introduces Free Application Health Check To Support Government Agencies And Software Providers
Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a free Application Health Check to immediately alert federal agencies and software suppliers about known vulnerable open source components and where they exist within an application...
- Login to post comments