[Napc-2018] Scale Developer Security with an Expanded Nexus Platform

Andrew at Sonatype events at sonatype.com
Thu Feb 17 14:37:16 UTC 2022 

Check out what's new with Nexus.

Hey Sonatype Community,

We’ve added new features to the Nexus platform that will help keep the malicious attack target off your apps. You can now easily fight back against the increase in typosquatting (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp0D5mNXLV3Zsc37CgDK-W3y4gJP6NZn62W5NM-gC1l-y6RN2bkkG-wXntfW58HcLw76TXSvVZ3hSB2z-z0JW80BqGj4P501kW1D1Yv-8TMlx4W5TQQpQ91YjW0N2YD4gT3DbLRW6gY18S78-QQ_W6tqT905Z5rGRW85H5ny3CKPBdW2mQVrx2jqVWvW2dJMvr4DrBlCW6qgl5m5Y82G8W3lLzFt67F-NhW6f5YbG8d28ThW2vFNTr2yyfsxV6ZF3m17C_2JW3-JTH42hHDznW1kwM898_8SHQW8V28WN7SS8vdW5wby6l79xhx_W6X2PW78GHRrBW7LvnxD5X8TbTN7Q-6CWB-8BMW7sl43150t9t9W65klJD8r7BSGN6mRKbMM-TskW88cTdB2V-H2-W20hgXb2q42zxW98Ml207DgpZwW61pHX75fWXkhW2fYXS436kf5G3pkm1 ) , dependency confusion (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp0k5mNXrV3Zsc37CgSZFW7rrLp-5-tcmgW7V3wqF7svbrkW7DnQ0K4v6DYsW1kCYQn63_270W1hzq446P7PTZN51Yxn4XXDZYW5--QC612X3mxW9b4bDB7HLgzWVtlMHX4xv9kbW77rqYw6bBcl4W3MxcWM6htYm-VXcVVf78WsgvTTHxl3nTcGNW3RmrgM94Wtg2W8PWmTJ1nlcG3W2t6wCd13cpW9W2SR0qY8qvCt2Vpv0Yd4kRJvjW8G0bTk1RjTppW13BXRk1VD4K3W5WP1Kj6c2W-5N825w9X2Vl56W4F25FG3yccrxVC22d761YVVWW4WFdMw7FHG9_W4Q-qpv9cfRhRN3RtHJKdNCb8VsTRCZ7GCqVFN585vK2zw5fZW19bp174l7ZRjW7bBTdl9kcfgfW9dfQ9J2_S94x3kGp1 ) , and other attacks preying on PyPi components, protect your JFrog Artifactory Enterprise repo and feel confident you’re using the safest components out there.

New in the Nexus platform:

- Automatically block suspicious and malicious Python components from entering your software supply chain with malware detection for components in PyPi
- Use the safest components possible with an industry-first feature that identifies potentially malicious components and guides you to the most updated package that isn't suspicious
- Protect your JFrog Artifactory Enterprise from known and unknown open source risk with Nexus Firewall’s expanded support to include not just Artifactory Pro, but also now Artifactory Enterprise
- Share vulnerability reports more broadly, with detailed component pages including insights about package usage and severity, and available to your extended team, without requiring a Nexus login
- Prevent Trojan Source Unicode attacks with added signals that monitor for “odd behaviors” searching for cloaked Unicode threats in the components you manage

Learn More (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp0D7RZQcV5X_Kf7CgFXZW5H0RVL8whwNDW35NjB-8xNYb0N8LMwF_YfNNPW5Sx6P84lKRJdW3_tCBW37bbJgW849wc22w5S9HW41t3mK3ctMPSW7Fh5wm8TmHd-W2Pf9Q63Z0kDrVhxY4W5VBnJ4W89Pkbf641Qh1W2qjb5v60ZTYKW1Kz5-X3hKGGkW8qVRvk8qk_CmN6WgW0HBJK0pW6Wt4966lbWrgW7F6gHR1cWgBVW2GH8rL4H3T3BW4bl8S58D_Nn9W8M3BtV1G07gjW8L5kwk4mD-9DV_K68J6drN1-W1yFx7S1KXcRsW7RLJHT5Rdc64VlpZNn6XFQJNW2mpFNc7908DRW4VcLM03ggJcDN78Tsb9DtXcbN7pzrM8Z_7HnW8x5CyC2l-RLyW95P_qv37J5y8W1LWK2f42rSV5W7mwYGK8MMn-HW8NRd6r56Gl46W2c1rLj3PzGkFVlT-4l16Q450W444Xhy3ZTlBfW1GgK6M7y9YL8W9hhDF61cXvBdW3V1GpM6PGDfcW7JTwTW8qwCBlW8Z84pM33z-gpW6gzDRw37BYYFW96vT8F39t9D9V6T08J5LQ-lMW1gRX4D2HNdKkW1SNxhk4NlbtTW661T3N1H42ddW5fGs-13-MQGBW4Kz1vr8851qm34kC1 )

Get Tuned In

We’re walking through the latest expansion of the Nexus Platform during our webinar Starting Left: How Developers Can Scale Security, Quality and Innovation with Sonatype  (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp0D5mNXLV3Zsc37CgLSRN5w3_F1C3NBkW1qhsvX129MbkW4-r2ls9gGV82VK-np_7b3M3JMX3kq2dBy4gW4mhW4W7p_0g-W6n6HCf6DgMwhW2_c4bZ8LdXHvW7VB_Pb1d5fM8VtstxZ36vZz5W24Qhnw7D22GcVQ99zR3p8mftW4WKXn19gzF7lW33cM4c7TmMmXW2jTzGg5_M9T5N7WryH9RRztYW67ZDHB5ZyYMDW8sKWHk8tsdrJW6PF-KM616VnjW7c2dvC30jCFrV-XzvL3f5YyJW85NQGd6htcg0W6cz2dB2z7Jp9W4l_YS389qVMbW1yLJm18NM8hnW9cQm4j1GJ-FdW20Q9Zl7XG-vTW6jW71x4LgBcdVlw2gC49_BF4W3g7ZY8706h0CW29t8Lx7pCJc8W5367mn5_lQV9W3RnZDJ629ZXVW6Ssngv2kpjzq3hlh1 ) on Tuesday, March 1st. Find out how the right open source intelligence can make software supply chain management easier for any engineering team.
Save Your Seat (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp0D7RZQcV5X_Kf7CgG47N8M-HDgbT0j7W5bTJ8F8WXD6KN3XSjJdcXp_tW3bl2Xd1vbCqzW6Xg9-x7dVqNRW4hvv-q2DX0lCW4slyvR6vGndPW3snTyL1bt8NRW5L5HnL9jBRLHVFcRmx8K1yg9W66RpPP1Mp_l9W90X77r4SqjX6Vkt5Wt8QPLSKVFlfh25Yd5X3W4ZbW2n1tPnzZW97kT186p0lvBW4l07BK83BgXQW23bt9c3MQb4LW3Yhf3Y9g1B0GVdjYj728vsLTV5vh9h2_Rm1SW8l1wCP4vCKtJM23D4BGvGHlN2DD7w3Tlbf1W19tt0f5M9fL_W51_w6_2hzKmmW4lx5hB2MXkD8N8KGBvLjT6CKW5XhzxR6FD_NRW52G7t26fc6jjW6Wrmzd5t61KXW8Bw00P8zr7LWW4hZXp33Zmg5RW5y5QWs7m9x_NN4-TTyJdvLBQW1D1F6X4TDpCZV9CgGT53H1qgW5fls8B8LcBwPW10djy21qH-hLW3SM8845pCF1FW580mnD8mlYc_W46fGD_4GjNHmVbZHdm5JH_s6W8tqrQV62H6NWN955nn3NRNNfW4yMN7H3gw-mrW67dcJ_5t29VPN7htNLp3pYc2VYpD0-6ggR7jW7lWMMT2lBRrt36hm1 )

SON_logo_white at 2x copy 250 (https://www.sonatype.com/e3t/Btc/Q+113/cdrCy04/VX29K56FH-5LW3xwJMx7ByJ3tW3trWRD4FFM-7N2lhp1w3pdrrV1-WJV7CgWHkV7VtFv8xQQ_KW7gswhF4pS2TqVzDpJS6bDmpdW52_mwx48x9cDW6Zh0x-69L16VW8XdV8r4m8VWHW8rfMC91H4mZnV39jBT3NXy1NW5hNgRH1-NjCRW45b4mx7zW5rmVSyXQK81sctlW8ykl2m29XrYTVHjpwH3vLLYxW9m1QLd2-BhqZW1NLSDf3MBDxKW8fqSvR1bz-pYM-yx0WWvfvgV5Q42r74BXTlW8HMbfC78r2hNW41SyH22zf23gN1kpTTD80r02W83Ychz23LwyNW3Qmmcx5t2b3MW8mF0j_7M6wg73dPJ1 )

Sonatype Inc.   8161 Maple Lawn Blvd #250    Fulton  MD   20759   United States

You received this email because you are subscribed to Sonatype Resource Emails from Sonatype Inc..

Update your email preferences (https://www.sonatype.com/hs/manage-preferences/unsubscribe?languagePreference=en&amp%3Bd=VncJL377H5dMW41PGhf1G9tDhW22_qC_3H64g0N1JxwY5WH5ZFN1fkvKFkwzS3W588n946lrDBvW8c220M83vdYcW7-7zpl87PXn-W1KVcpz7jDJDWW42Hlzg48jFcgW4XPPp67lVKRKf12r51Y04&amp%3Bv=3&_hsenc=p2ANqtz--5q-NxANRC0g3o55hF8I6aQi5k56SUJgH1rbw4gPmlk-dLkCECzeZkhPVh8PbPlXlsuOs0kKK4I2U_DzaaTi646Ivx6Q&_hsmi=204237056 ) to choose the types of emails you receive.

Unsubscribe from all future emails (https://www.sonatype.com/hs/manage-preferences/unsubscribe-all?languagePreference=en&amp%3Bd=VncJL377H5dMW41PGhf1G9tDhW22_qC_3H64g0N1JxwY5WH5ZFN1fkvKFkwzS3W588n946lrDBvW8c220M83vdYcW7-7zpl87PXn-W1KVcpz7jDJDWW42Hlzg48jFcgW4XPPp67lVKRKf12r51Y04&amp%3Bv=3&_hsenc=p2ANqtz--5q-NxANRC0g3o55hF8I6aQi5k56SUJgH1rbw4gPmlk-dLkCECzeZkhPVh8PbPlXlsuOs0kKK4I2U_DzaaTi646Ivx6Q&_hsmi=204237056 )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/napc-2018/attachments/20220217/4ec41d46/attachment.htm>

More information about the Napc-2018 mailing list