CVE-2020-17479: The return of Validation Bypass (CVE-2019-19507) in `jpv`

In addition to regular vulnerability data research, the Sonatype Security Research Team also contributes to the open-source community by going the extra mile when we discover flaws that were previously not reported. Recall, earlier this year when …

Hitting the Trifecta with GitLab Automated Merge Requests

We’ve been working to integrate component intelligence from Nexus Lifecycle directly into source control management (SCM) systems so that developers can choose the best open source components and build secure applications from the start.
The…

NDR for AWS Well-Architected

By Roger Cheeks, US-East Sales Engineer, Corelight

Corelight is a powerful network traffic analysis tool that enables network detection and response (NDR) for AWS Cloud workloads by receiving packets from an AWS Virtual Private Cloud (VPC) traffic mirr…

Morphisec Special Offer: Full Best-in-Class Endpoint Protection At A Lower Price Than Your Current Antivirus

We recently introduced Morphisec Guard, a full endpoint protection platform designed to secure your enterprise against the worst cyberattacks. Guard is a single lightweight offering, including world-class antivirus, together with the market’s most…

Proactive Endpoint Protection: How Morphisec Guard Secures Your Infrastructure

Defending your critical infrastructure against cyber threats has never been harder. Adversaries constantly innovate new techniques to exfiltrate or encrypt data, forcing defenders to play a cybersecurity version of “whack-a-mole” in th…

New in Nexus Repository 3.25: How Do I Switch to NuGet V3?

We are excited to announce the official release of Nexus Repository 3.25. Delivering on much anticipation from the Nexus community, this release completes full support for NuGet V3 repositories, including new NuGet V3 Group repositories, and gives…

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

Pull request line comments highlight the exact line(s) of code that introduced a policy violation, giving developers all the information they need to remediate open source risks and innovate securely without sacrificing speed.
Developers need to k…

Continuously Improve CI/CD with Nexus Lifecycle and Bitbucket Code Insights

Over the last few weeks we’ve been highlighting our integrations with Atlassian that bring open source governance insights right into your favorite Atlassian tools. We have integrations for planning and building applications. We wanted to sa…

Build Better Code Using Sonatype’s Integrations with Atlassian

Increase efficiency with automation and integrations between your favorite development tools
As more and more software development teams rely on open source, it is now more important than ever to ensure that only the best open source components ma…