JavaScript Scanning Now Supported In JetBrains IDEs: IntelliJ IDEA, WebStorm, and More

The Sonatype Nexus IQ plugin can now evaluate and analyze JavaScript/Node components in your projects. This functionality is now available for IntelliJ IDEA, in use by an estimated 82% of Java developers as of 2020. IntelliJ IDEA is a feature-ri…

3-2-1, Lift off! It’s Time to Elevate Your Development with Sonatype Lift

Deep code analysis designed for developers and focused on code quality is here.
When you have an awesome new product aimed at helping developers catch and fix code quality issues during code review, it’s hard not to get excited. Then, combine that…

Open Source and Cloud Security Together at Last

Today, we’re excited to announce a partnership with Fugue to bring cloud security and compliance into development work streams, helping your teams build, deploy, and manage secure applications in today’s popular cloud-native environments. 
The pos…

GitLab: instant, inline, indispensable developer insights

Today we’re going to talk about letters, as in the alphabet. 
Did you ever see the Friends episode where Joey can’t afford an entire set of encyclopedias, so he just buys the one with the letter “V” and tries to steer every conversation to V words…

Hitting the Trifecta with GitLab Automated Merge Requests

We’ve been working to integrate component intelligence from Nexus Lifecycle directly into source control management (SCM) systems so that developers can choose the best open source components and build secure applications from the start.
The…

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

Pull request line comments highlight the exact line(s) of code that introduced a policy violation, giving developers all the information they need to remediate open source risks and innovate securely without sacrificing speed.
Developers need to k…

Continuously Improve CI/CD with Nexus Lifecycle and Bitbucket Code Insights

Over the last few weeks we’ve been highlighting our integrations with Atlassian that bring open source governance insights right into your favorite Atlassian tools. We have integrations for planning and building applications. We wanted to sa…

Build Better Code Using Sonatype’s Integrations with Atlassian

Increase efficiency with automation and integrations between your favorite development tools
As more and more software development teams rely on open source, it is now more important than ever to ensure that only the best open source components ma…