Getting Open Source Under Control IT Business Edge Published on the web here. May 10, 2012 As IT organizations have come to depend on open source software more than ever in the wake of the recent downturn, it’s clear that managing open source software is becoming increasingly challenging. Read More »
Code Libraries and Application Frameworks: A CIO's Security Nightmare? CIO Insight Published on the web here. May 07, 2012 With so much of the discussions about enterprise security centered around securing enterprise data, it’s surprising how rarely the CIO will be brought into discussions about how to safeguard code libraries and application frameworks. Read More »
As open-source adoption grows, so do security risks SD Times Published on the web here. May 04, 2012 Open-source adoption is growing, but with that growth comes greater risk, according to several leading companies that supply open-source licensing and maintenance software. Some open-source applications have been updated for years to account for new security threats, but companies, for various reasons, have not internally updated their software stacks, leaving them vulnerable. Read More »
Confirmed: Too Many Open Source Projects Remain Arbitrary Mashups ReadWriteWeb Published on the web here. April 27, 2012 One benefit many developers perceive from working with a proprietary platform is that its components are generally updated and deployed according to a single agenda. (Sometimes that agenda is so slow that this fact becomes undeniable.) By contrast, the tremendous pace of open source development can be overwhelming for some. Read More »
Open Source Software Popularity Is Skyrocketing Midsize Insider Published on the web here. April 27, 2012 The next stage in technology will result from collaboration, not competition, according to many who support the concepts behind the open source movement. Once the purview of IT outliers, open source has now infiltrated just about every aspect of technology and according to a recent survey, is driving the innovation that will define tomorrow's business applications. Read More »
Open source is driving business app dev: survey IT World Canada Published on the web here. April 27, 2012 Hardly a month goes by without some fresh evidence of the growing popularity of open source software, and perhaps one of the best examples in recent weeks has been Microsoft's creation of its new Open Technologies division. Read More »
Enterprises Standardize on Open-Source Use, but Governance Issues Persist: Sonatype eWeek Published on the web here. April 25, 2012 Organizations of all sizes continue to adopt open-source platforms and applications at an accelerated pace, but lack of internal controls and flawed processes continue to be a challenge—putting organizations at unnecessary risk, according to a survey by software developer Sonatype of more than 2,500 developers, architects and IT managers across several industries, sizes and locations. Read More »
Open source is driving business app development InfoWorld Published on the web here. April 25, 2012 Hardly a month goes by without some fresh evidence of the growing popularity of open source software, and perhaps one of the best examples in recent weeks has been Microsoft's creation of its new Open Technologies division. Read More »
Open Source Is Driving Business App Development, Survey Finds PC World Published on the web here. April 24, 2012 Hardly a month goes by without some fresh evidence of the growing popularity of open source software, and perhaps one of the best examples in recent weeks has been Microsoft's creation of its new Open Technologies division. Read More »
Survey: A third of development teams keep open-source records SD Times Published on the web here. April 23, 2012 Only 32% of teams maintain a detailed record of the open-source components in their software stacks, according to a survey released today of 2,500 developers, architects and IT managers. Read More »
Sonatype's Open Source Boost To Software Productivity Forbes Published on the web here. April 23, 2012 It seems like a contradiction in terms — open source software is by definition created for free by coders who want to make a name for themselves writing components that organizations use at no charge. So how could one company come to dominate a world where the product is made and bought for free? Read More »
Only 20% of corporate OSS users manage components ZD Net Published on the web here. April 23, 2012 Only about 20 percent of companies using open source components have lock down controls and fewer than 50 percent have corporate policies in place to manage component usage, according to a study of 2500 developers released by component repository vendor Sonatype Read More »
Enterprise Open Source Usage Is Up, But Challenges Remain TechCrunch Published on the web here. April 22, 2012 I think we can all safely agree that open source software development is here to stay. Open, collaborative development has fundamentally changed not only how we code, but also the code we produce. Read More »
Open Source: The Good, Bad and Ugly — Studies in Two Extremes Formtek Published on the web here. April 18, 2012 When top-class Open Source tools and applications (think software like Linux, Apache Web Server, PostgresSQL and PHP) went head to head against similar proprietary software, a recent survey found that Open Source bested or equaled the quality of their proprietary cousins. The Open Source community hailed these findings from Gartner and Coverity. Read More »
Study Warns of Security Flaws in Open Source Components eSecurity Planet Published on the web here. April 13, 2012 A recent study by Aspect Security and Sonatype found that many of the world's largest companies are running open source applications with security flaws. Read More »
Study finds widespread use of vulnerable open source components Infosecurity Magazine Published on the web here. April 13, 2012 The study, the 'Unfortunate Reality of Insecure Libraries', found that many organizations use open source components as the building blocks for their applications but have zero visibility into whether the components they are using are secure, thereby exposing the organization to security risks. Read More »
Do insecure open source components threaten your apps? Australian TechWorld Published on the web here. March 30, 2012 Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the Central Repository receives four billion requests per year for its 300,000 components. Read More »
Do insecure open source components threaten your apps? IT World Published on the web here. March 30, 2012 Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the Central Repository receives four billion requests per year for its 300,000 components. Read More »
Do Insecure Open Source Components Threaten Your Apps? PC Advisor Published on the web here. March 30, 2012 Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the Central Repository receives four billion requests per year for its 300,000 components. Read More »
Do Insecure Open Source Components Threaten Your Apps? ComputerWorld Published on the web here. March 30, 2012 Open Source components are a boon to developers, allowing them to efficiently write code without reinventing the wheel. But since open source lacks the notification infrastructure of commercial software, organizations must maintain a running inventory of open source components and their dependencies in production applications or risk deploying apps with known vulnerabilities. Read More »
Do Insecure Open Source Components Threaten Your Apps? CIO Published on the web here. March 30, 2012 Open Source components are a boon to developers, allowing them to efficiently write code without reinventing the wheel. But since open source lacks the notification infrastructure of commercial software, organizations must maintain a running inventory of open source components and their dependencies in production applications or risk deploying apps with known vulnerabilities. Read More »
Do Insecure Open Source Components Threaten Your Apps? CSO Published on the web here. March 30, 2012 Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the Central Repository receives four billion requests per year for its 300,000 components. Read More »
Repositories offer up vulnerable libraries says report The H Published on the web here. March 30, 2012 A report by Aspect Security and Sonatype analysed 113 million downloads of 31 popular open source Java frameworks and security libraries and found that, of those downloads, 26% of them had a known vulnerability. Read More »
Report: Half Global 500 Vulnerable to Open Source Security Loopholes Proformative Published on the web here. March 30, 2012 Aspect Security and Sonatype have recently collaborated to provide the industry's first study of potential vulnerabilities in open-source computing tools. These flexible components are used by members of the Global 2,000 and other leading organizations thousands of times each day in their operations, and the implications of security frailties could be significant. Read More »
Study Finds Widespread use of Vulnerable Open-Source Components by the Global 500 InfoTech Spotlight Published on the web here. March 30, 2012 Sonatype, ensuring the integrity of the modern software supply chain, has collaborated with Aspect Security , a provider of application security, to study the real-world use of vulnerable versions of open-source libraries. Read More »
The Inherently Insecure Nature of Open Source Projects Tech Security Today Published on the web here. March 29, 2012 A huge percentage of the applications being built these days rely on previously existing components that developers stitch together to make a new application. In fact, the vast majority of these components are open source projects that developers assume to be secure given the peer review process that most open source projects are based on. Read More »
Sonatype not out to slam open source Linux Today Published on the web here. March 29, 2012 "Yeah, thought so. "Which is pretty much what was going through my head when I read Monday's wire reports that software-development firm Sonatype and application security specialists Aspect Security has released a study with a press release that highlighted "[m]ore than 80 percent of typical software applications are open-source components and frameworks consumed in binary form." Read More »
Sonatype not out to slam open source IT World Published on the web here. March 28, 2012 A new study from some company reveals that free/open source software is riddled with security errors/license compliance issues/naughty words in the source code and that the company's super-duper products/services are the only thing that will save the day/bring world peace/make a better ending for Lost. Read More »
Are Open Source Libraries Any More Vulnerable Than Closed Source? Network World Published on the web here. March 27, 2012 My friend and Network World editor, Ellen Messmer posted an article yesterday about the results of an analysis by Aspect Security of the Central Repository maintained by Sonatype. The study was announced by Aspect and Sonatype yesterday. Both the study and Ellen's article have set off a bit of a firestorm in both the open source and security communities about the security or lack thereof of open source libraries and components. Read More »
Sonatype Eyes "Staggering" Use Of Vulnerable Open Source Components Dr. Dobbs Published on the web here. March 27, 2012 Attempting to analyze real-world usage of vulnerable versions of open-source libraries, software vendors Sonatype and Aspect Security claim to have found "staggering" use of susceptible components that have been downloaded from central repositories in order to conduct finance, energy, government, and military activities. Read More »
Devs spanked for touching vulnerable open-source packages The Register Published on the web here. March 27, 2012 Developers are sucking buggy open-source programming frameworks off the web unaware that newer fixed versions exist, according to a new report. Read More »
Open Source Libraries: A Breeding Ground for Malware? Network Security Published on the web here. March 27, 2012 A recent study undertaken by Aspect Security and Sonatype, open-source software repository reveals open-source code libraries as rife with vulnerabilities. Read More »
Widespread use of vulnerable open source components Help Net Security Published on the web here. March 27, 2012 Sonatype and Aspect Security collaborated on a study of the real-world use of vulnerable versions of open source libraries. Read More »
Application developers criticized for using vulnerable open-source packages IT Direction Published on the web here. March 27, 2012 Application developers and programmers are increasingly utilizing open-source frameworks off the internet that often have serious bugs and even critical security holes in them, completely unaware that newer and fixed versions already exist, according to a new report just released today. Read More »
Study: Open source libraries propagate security flaws InfoWorld Published on the web here. March 27, 2012 Although companies such as Microsoft, Adobe, and Mozilla have raised awareness of secure programming practices in recent years, getting developers to adopt best practices to weed out vulnerabilities in program code remains a challenge. A case in point: Developers often overlook the necessity of keeping the source components of their software up-to-date, a problem exacerbated by poor update mechanisms, according to a study released on Monday. Read More »
Vulnerable open-source code components in business software Fierce CIO Published on the web here. March 27, 2012 A new research study has found that most businesses and independent software vendors that use open-source components in their applications don't know whether those components are safe. The research was conducted by Aspect Security, a firm that evaluates software for vulnerabilities, and Sonatype, which operates the Central Repository, an exchange for open-source components with a library of more than 300,000 components. Read More »
Banks and ISVs hit hard by open source vulnerabilities jaxenter Published on the web here. March 27, 2012 Financial institutions and independent software vendors (ISVs) are being hit disproportionately hard by security holes in open source software components, according to a new study by Sonatype and Aspect Security. The companies followed out-of-date, compromised packages in the Maven Central Repository over the course of a year, watching the ‘Global 500’ group clock up a collective 2.8 million downloads. The ‘Global 100’ group of banks and other financial institutions downloaded 567,000 insecure components over the same period. Read More »
Developers Relying on Open Source Libraries Containing Security Vulnerabilities DevX Published on the web here. March 27, 2012 A new report from Sonatype and Aspect Security finds that developers are continuing to download out-of-date versions of open source libraries, even when repaired versions exist. Read More »
Open source code libraries suffer from vulnerabilities InfoWorld Published on the web here. March 26, 2012 A study of how 31 popular open source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. Read More »
Open Source Code Libraries Seen as Rife With Vulnerabilities PC World Published on the web here. March 26, 2012 A study of how 31 popular open-source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. Read More »
Open source code libraries seen as rife with vulnerabilities Network World Published on the web here. March 26, 2012 A study of how 31 popular open-source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. Read More »
Open Source Security Vulnerabilities Plague Large Organizations Security Week Published on the web here. March 26, 2012 An analysis of a widely-used repository for open source components revealed that Global 500 organizations collectively downloaded more than 2.8 million insecure components in one year. Read More »
Study: More than 50% of Global 500 use vulnerable open source components ZDNet Published on the web here. March 25, 2012 A joint study conducted by Sonatype and Aspect Security found that many open source components, security libraries and web frameworks contain vulnerabilities, and that many Fortune 500 companies have downloaded and built applications based on these components. Read More »
How to develop open-source software within any kind of company VentureBeat Published on the web here. March 19, 2012 For businesses and other organizations today, open-source software (OSS) is transformative in terms of its ability to allow organizations to write software very quickly and to leverage innovation very aggressively. Read More »
Mitigating the Risks of Open-source-based Development ISACA Published on the web here. March 19, 2012 Open-source components are the building blocks of the modern software supply chain, and why not? They have been shown to lower costs, improve quality, advance innovation and speed software development processes. Read More »
Sonatype Repository Now Supports the .NET Framework Visual Studio Published on the web here. March 03, 2012 Microsoft-focused developers looking for a centralized place from which to share .NET Framework components now have another choice. Read More »
Sonatype Repository Now Straddles Java and .NET Dr. Dobbs Published on the web here. February 29, 2012 Sonatype has extended the use of its Nexus repository manager to .NET developers this month. Now compliant with both Java components and Microsoft platform code blocks, the company hopes to win new appeal among programming shops operating heterogeneous development environments. Read More »
Putting the control-factor into open source components ComputerWeekly.com Published on the web here. February 24, 2012 The new Nexus Professional 2.0 may sound more like a digital camera than a developer tool, but its basic function is to provide "actionable" information about the open-source components used in any development project. Read More »
Sonatype Brings Industry-Leading Repository Manager to .NET Developers SD Times Published on the web here. February 24, 2012 Sonatype, the company that is transforming software development, today announced that software developers using the .NET Framework can now utilize the Sonatype Nexus Professional repository manager to store, access and manage .NET components. Nexus is already the industry's most widely used repository manager for Java components. By extending support to .NET, Sonatype now offers an ideal solution for Microsoft development teams, as well as heterogeneous development organizations. Read More »
Sonatype Java Repository Now Accepts .NET Components Application Development Trends Published on the web here. February 22, 2012 Sonatype today released a new version of its Maven-based component repository that supports software developers using the .NET Framework. Version 2.0 of Sonatype's Nexus Professional, a widely used repository manager for Java components, adds support for.NET developers who want to store and manage their components in a repository. Read More »
Actionable Control For Open Source Components Dr. Dobbs Published on the web here. February 22, 2012 Sonatype has released the Nexus Professional 2.0 open-source repository manager. The new iteration now includes more "actionable" information about the open-source components used in any development project. Read More »
Sonatype Nexus 2.0 brings intelligence to repository management jaxenter Published on the web here. February 16, 2012 Six years since the first version made its appearance, Sonatype has released Nexus Professional 2.0, bringing an array of new features and enhancements to the premier repository management tool. Read More »
Sonatype Nexus Professional 2.0 Released - The First Intelligent Repository Manager DZone Published on the web here. February 15, 2012 The future of repository management is here. Read More »
Nexus 2.0 Released InfoQ Published on the web here. February 15, 2012 Today, Sonatype released Nexus 2.0, a significant upgrade to their namesake repository software and the engine behind the Central. Read More »
John Backus, Wayne Jackson and CIT GAP Funds Honored as Winners of the Entrepreneur Navigator Awards NVTC Published on the web here. February 07, 2012 The Entrepreneur Center @NVTC announced the 2012 winners of the Entrepreneur Navigator Awards at a reception on Thursday, February 2, at the Tower Club in Tysons Corner, Va. The Navigator Awards recognize individuals and organizations whose commitments of time, experience, intellectual capital and personal effort have improved the quality of the entrepreneur community or have led to the success of a startup or entrepreneur. Read More »
What’s in Store for 2012: A Few Predictions RedMonk Published on the web here. January 17, 2012 The cost of delaying my 2012 predictions is that one has already come to pass. Nginx – the web server now powering all of the redmonk.com properties – passed IIS according a January 4 Netcraft release. Read more: http://redmonk.com/sogrady/2012/01/13/2012-predictions/#ixzz1jpPTXEkD Read More »
Sonatype Brings Java .Net Projects into the Central Repository Java Magazine Published on the web here. December 07, 2011 It's natural for open source projects to build upon the work done by other open source projects. Sonatype is facilitating the availability of components from Java.net's large open source project base, by bringing Java.net project artifacts into the Central Repository, a leading source for open source Java components. Read More »
Sonatype Insight: Data as the Product RedMonk Published on the web here. November 03, 2011 Sonatype Insight: Data as the Product Sonatype Insight Heatmap There is no shortage of evidence concerning the value of data, generally. From predicting the flu to the outcome of elections (PDF) to the best practices for dating websites, it’s obvious that knowledge really is power. What’s been lacking, at least according to the conventional wisdom, has been proof points of data being a direct source of revenue. Read more: http://redmonk.com/sogrady/2011/11/03/sonatype-insights/#ixzz1d8qkeoUo Read More »
Top 10 Tips for Improving Your Open Source Software Governance DevX Published on the web here. October 24, 2011 Gartner estimates that by 2013, 90 percent of Global 2000 enterprises will include open source software (OSS) as business critical elements of their IT portfolios -- and by 2016, that number will increase to 99 percent. It makes sense that open source use is on the rise. Java developers already know that open source offers unmatched flexibility, the power to control and easily modify code and optimize performance. The bottom line: Using open source components for software development improves an organization's ability to deliver higher quality software faster at lower cost. Read More »
IT inferno: The nine circles of IT hell InfoWorld Published on the web here. October 03, 2011 Spend enough time in the tech industry, and you'll eventually find yourself in IT hell -- one not unlike the underworld described by Dante in his "Divine Comedy." But here, in the data centers, conference rooms, and cubicles, the IT version of this inferno is no allegory. It is a very real test of every IT pro's sanity and soul. Read More »
Sonatype's Wayne Jackson on open source, venture capital and growing a business Washington Business Journal Published on the web here. September 23, 2011 The latest print edition of the Washington Business Journal includes a story by tech reporter Bill Flook on the latest plans for Sonatype, a software startup run by Wayne Jackson, a well-known tech entrepreneur in the D.C. region. Read More »
Sonatype Leverages Open Source Java Repository Application Development Trends Published on the web here. September 22, 2011 Sonatype this week launched a new suite of products and services designed to help companies better manage their usage of open source Java components. Called Sonatype Insight, it leverages the open-source Maven Central Repository, which the company administers, to generate actionable intelligence about open-source-software usage at any stage of the app-dev process. Read More »
Sonatype Offers Insight Into Enterprise Open Source Usage InfoQ Published on the web here. September 21, 2011 Sonatype, the main company which drives Maven development, has joined a growing list of companies which aim to help organisations understand and audit their open source software usage, with the announcement of the Sonatype Insight software suite. Read More »
Sonatype Shows Some (Component) Integrity Dr Dobbs Published on the web here. September 19, 2011 Hitting the global software tools marketplace this week is Sonatype Insight, a new suite described as a combination of both "software products and information services" for ensuring the integrity of open-source components in the software supply chain. Read More »
Open Source ROI with Less Risk Sys-Con Media Published on the web here. September 19, 2011 It's a scenario with which many Java developers are all too familiar - and one which many fear. You log on to the network or arrive at the office to discover your Chief Security or Compliance Officer, Application Manager or even a VP of Sales and Marketing in a state of panic. A commonly used open source component has a serious security vulnerability that may expose your client-facing applications to attack. Even worse, the flaw was identified a few weeks ago, but your organization has just heard about it. Read More »
Sonatype offers insight into enterprise open-source usage SD Times Published on the web here. September 19, 2011 Gartner estimates that 99% of companies will be using open-source software components in their software packages by 2015, and it is because of this that Mark Driver, research vice president for Gartner, believes enterprise organizations need to understand what risks exist and how to mitigate them. Read More »
Sonatype Introduces Open-Source Governance Solution eWeek Published on the web here. September 19, 2011 Sonatype has delivered Sonatype Insight, a new suite of software products and services to help ensure the integrity of open-source components in the software supply chain of enterprise systems. Read More »
Java Component Repository Adds JBoss Community Projects Application Development Trends Published on the web here. September 14, 2011 Another family of Java components will soon be available from the open source Maven Central Repository. Sonatype, the chief commercial supporter of Maven and administrator of the repository, has added Red Hat's JBoss Community project artifacts to the growing list of components assembled there. Read More »
Sonatype Strengthens Central Repository With JBoss Dr. Dobbs Published on the web here. September 07, 2011 Sonatype has moved to open up Java developer options by adding Red Hat's JBoss Community project components to the Central Repository open source Java components store. The company's goal is to provide developers with a route towards locating and consuming JBoss Community software components in a single, standard location. Read More »
Java.net Projects Now on Maven Central Repository Application Development Trends Published on the web here. August 23, 2011 Sonatype, the chief commercial supporter of the open-source Maven project, is working with Oracle to bring Java.net project artifacts to the Maven Central Repository, which the company administers for the Java community. Read More »
Java.net Projects Now on Sonatype's Central Repository jaxenter Published on the web here. August 22, 2011 Sonatype have announced a partnership with Oracle that brings Java.net projects to the Sonatype Central Repository. This migration was achieved through a hosted version of Sonatype Pro for Nexus, which was donated to the Java.net community by Sonatype. Java.net projects can now automate and synchronise their Java.net projects artifacts to the Central Repository, and developers can download the necessary artifacts from Java.net projects via Apache Maven. Read More »
Sonatype Adds java.net Projects to Its Central Repository Java.net Published on the web here. August 21, 2011 Last week, Sonatype announced that java.net projects are now included in the Sonatype Central Repository. Read More »
Java.Net Artefacts in Maven Central Info Q Published on the web here. August 18, 2011 Sonatype has announced the availability of Java.net open-source projects in Maven Central, in partnership with Oracle. Previously, it was either up to individual projects to move their content into Maven Central, or just host it on the Java.net repository for others to consume. Read More »
Sonatype Adds Java.net Projects to Central Repository InfoTech Published on the web here. August 18, 2011 The “Central Repository” will now include Java.net open-source projects as Sonatype enters into a relationship with Oracle (News - Alert). An announcement in this regard has been made by the company instrumental for transformation of software development, Sonatype. The “Central Repository” is the top source for open-source Java components in the industry. Over 40,000 development organizations across the globe use this repository daily. Read More »
Sonatype Adds Java.net Projects Support DZone Published on the web here. August 18, 2011 Sonatype, the company behind some of the most widely used tools in Java Development including Maven, announced a partnership with Oracle to bring Java.net projects to the "Central Repository". The move allows Java.net project owners to "easily automate and control synchronization of their Java.net project artifacts." The partnership aims to give development teams "faster builds, fewer integration problems and improved control of software component usage." Read More »
Sonatype Expands Maven Repository With Java.net Dr. Dobbs Published on the web here. August 16, 2011 Maryland-based Sonatype has formed a new bond with Oracle with the intention of bringing Java.net open-source projects to the Maven Central Repository of open-source Java components. Read More »
Eclipse Indigo arrives SD Times Published on the web here. June 22, 2011 The Eclipse Indigo release train arrived today with a renewed focus on the Java Development Tools platform. And at the top of the list of changes for Java developers is the inclusion of WindowBuilder Pro, formerly a commercial GUI builder from Instantiations and now a top-level project at the Eclipse Foundation, thanks to Google's acquisition of that company and subsequent donation of the code. Read More »
Eclipse Release Train 'Indigo' Launches 62 Projects Application Development Trends Published on the web here. June 22, 2011 The Eclipse Foundation announced its sixth annual release train today. This year's synchronized simultaneous launch of multiple Eclipse projects, code-named "Indigo," is the biggest yet, involving the work of 408 developers and 49 organizations contributing 46 million lines of code to 62 projects. Read More »
Making the Move to Maven 3 Dr. Dobbs Published on the web here. June 02, 2011 You won't lose any time in upgrading to Maven 3. Most Java programs use either Ant or Maven for the build step. While Ant is infinitely configurable, Maven employs convention instead of configuration. Read More »
Oracle Pushes Hudson Towards Eclipse Dr. Dobbs Published on the web here. May 06, 2011 Oracle has submitted a proposal to the Eclipse Foundation to create a Hudson project in Eclipse and contribute the Java-based Hudson continuous integration tool's core code to that project. Read More »
Sonatype Survey Finds Enterprises Standardize on Open Source and Component Use but Governance Issues Persist Silver Spring, MDApril 23, 2012 Annual Survey Shows Usage and Increased Reliance on Open Source Dramatically Increasing, But Policies and Infrastructure Still Lacking
Read More »New Study Reveals Widespread Use of Vulnerable Open-Source Components by the Global 500 Silver Spring, MDMarch 26, 2012 Study Finds More Than Half of the World's 500 Largest Corporations Use Vulnerable Components to Create Mission-Critical Software -- Awareness and Process Changes Needed, Stress Industry Heavyweights
Read More »Sonatype Brings Industry-Leading Repository Manager to .NET Developers Silver Spring, MDFebruary 21, 2012 Sonatype Nexus Professional 2.0 is the First Repository Manager to Support both .NET and Java Component-Based Development
Read More »Sonatype Nexus Professional 2.0 Brings Component Intelligence to Repository Management Silver Spring, MDFebruary 15, 2012 Real-Time Security, Licensing and Popularity Feeds Improve Visibility and Control for Component-Based Software Development
Read More »The Entrepreneur Center @NVTC Congratulates Entrepreneur Navigator Awards Winners Silver Spring, MDFebruary 02, 2012 John Backus, Wayne Jackson and CIT GAP Funds Honored for their contributions to the Greater Washington region’s entrepreneur community
Read More »Sonatype Named Finalist for “Most Innovative Company” at RSA Conference 2012 Santa Clara, CA and Silver Spring, MDJanuary 10, 2012 Sonatype Insight™ Recognized For Helping Organizations Mitigate Security Risks and Safely Use Open-Source Components in Application Development
Read More »Sonatype Addresses IT Security Professionals at SANS Security Architecture Conference in Washington Silver Spring, MDSeptember 29, 2011 Vice President of Engineering, Brian Fox to Offer Best Practices for Managing Risk and Maximizing Business Value from Open-Source Component Usage in Application Development
Read More »Sonatype Launches New Product Suite for Greater Visibility and Control of Open Source Usage in the Enterprise Silver Spring, MDSeptember 19, 2011 Sonatype Insight™ Allows Organizations to Build Better Software Faster without Quality, Security or Licensing Risks
Read More »Sonatype Adds JBoss Community Projects to Central Repository Silver Spring, MDSeptember 07, 2011 The Industry’s Leading Repository of Open Source Components Now Includes JBoss Community Projects, Bringing Added Convenience to Java Developers and Broader, Easier Distribution for the JBoss Community
Read More »Sonatype Expands the World’s Primary Repository of Open-Source Software Components with Addition of Java.net Projects Silver Spring, MDAugust 16, 2011 Software Developers and Project Owners to Benefit from Centralized Distribution Point for Open-Source Components to Speed Builds and Improve Software Quality
Read More »Sonatype Donates Apache Maven 3.x Integration to Hudson Project Silver Spring, MDMay 10, 2011 Hudson User Community to Benefit from Standards-Based Framework, Performance Improvements and the Ability to Run Complex Maven Jobs in the Proposed Eclipse CI Project
Read More »Sonatype Named "Cool Vendor" by Leading Analyst Firm Silver Spring, MDApril 19, 2011 Vendors Selected for the "Cool Vendor" Report are Innovative, Impactful and Intriguing
Read More »Sonatype Contributes Intuitive Search Capability to Maven Central Silver Spring, MDFebruary 08, 2011 Real-time Search Enhances the Industry Standard Repository for Java Software Components
Read More »Software Developers Embracing Open Source but with Few Corporate Controls Silver Spring, MDFebruary 01, 2011 Survey Underscores Widespread Adoption of Open Source Tooling, Heavy Reliance on Open Source Components
Read More »Sonatype Streamlines Software Development with Sonatype Professional Silver Spring, MDDecember 01, 2010 New Java Development Suite Integrates and Enhances Proven Open Source Technologies to Increase Code Reuse, Shorten Development Cycles, Improve Quality and Minimize Complexity
Read More »Sonatype Announces Significant Enhancements to Maven Central, Industry’s Leading Repository of Software Components Silver Spring, MDOctober 19, 2010 Expanded Investment to Benefit Both the Open Source Community and Enterprise Software Developers
Read More »Sonatype Raises $11.6 Million to Transform Software Development Silver Spring, MDSeptember 13, 2010 Investment to Fuel Product Innovation, Deliver New Value to Open Source User Community
Read More »Sonatype Names Wayne Jackson as CEO Silver Spring, MDSeptember 13, 2010 Accomplished Industry Veteran and Experienced Management Team Will Help Transform Software Development
Read More »Chariot Solutions Becomes Sonatype Certified Training Partner Fort Washington, PAApril 06, 2010
Read More »Sourcesense and Sonatype Form Strategic Partnership Mountain View, CANovember 16, 2009 Sourcesense and Sonatype Form Strategic Partnership to Advance Mission-Critical Enterprise Software Build and Release Management
Read More »Hippo and Sonatype Announce Technology Partnership San Francisco, CANovember 04, 2009 Hippo’s Innovative and Cost-Effective CMS and Portal Solutions Are Optimized for Sonatype’s Development Infrastructure Platform Based on the Apache Maven Project
Read More »Nexus Professional 1.4 now available with new features Mountain View, CAOctober 28, 2009
Read More »Announcing Sonatype Maven Meetup Mountain View, CASeptember 15, 2009
Read More »Sonatype Introduces Sonatype Nexus Professional, the First Maven Repository Manager for Commercial Software Development Teams Palo Alto, CAJanuary 15, 2009 Continued growth and momentum for Maven, the world’s leading software build and release solution, fuels need for professional support, training and complementary technologies
Read More »Sonatype Delivers Nexus 1.0 for Out-of-the-Box Maven Repository Management Palo Alto, CAAugust 26, 2008 Developers handed power to manage internal and external repositories, tap Maven Central Repository, world’s largest binary artifact repository
Read More »Sonatype Joins Eclipse Foundation as Strategic Developer with Seat on Board of Directors Palo Alto, CAJuly 15, 2008 Creators of Maven, the popular build and release framework and repository, demonstrate commitment to Eclipse IDE
Read More »Sonatype to Lead New Eclipse Project to Integrate Maven into Eclipse Palo Alto, CAJune 30, 2008 Sonatype to contribute an Eclipse plug-in that tightly integrates Maven and Eclipse to the Eclipse Foundation
Read More »
Connect With Us
- Follow our Blog
- Subscribe to our Newsletter
- Follow us on Twitter
- Tune in on YouTube
- Connect on LinkedIn
Sonatype Media Contact
April Harned
Media Relations
Sonatype, Inc.
646-246-0484
aharned@sonatype.com
