#cybersecurity | #hackerspace | Sonatype Nexus is Rising Above the Swamp

Source: National Cyber Security – Produced By Gregory Evans

In case you missed it — our rival JFrog published this blog post on Thursday.  Amidst the hyperbole, JFrog made a few statements that are true, and numerous that are rooted in fear mongering, falsehoods and gimmicky marketing tactics.  Please, allow me to explain.

Facts from JFrog About Sonatype Nexus.

JFrog states, “If you’ve been around in DevOps and DevSecOps for a while, you know that Nexus and Artifactory have been fierce competitors in the repository space. Sonatype had its roots in the Java and Maven space, and built on that success as “the Maven guys” for many years as they expanded their repository solutions.  Recently, Nexus shifted focus to DevSecOps and security aspects of their offering.”

Yes.  It’s true.  We’ve been competing head-to-head with JFrog for years — and we continue to compete with them today.  Make no mistake, on the commercial front, JFrog has been formidable. However, on the open source community front, they have been largely absent.  Conversely, as acknowledged by JFrog, Sonatype has long been steadfast supporters of our fellow engineers in the community. Our founders served as core contributors to Apache Maven.  We’ve long maintained Maven Central and we serve billions of components annually to developers around the world.  Lastly, we founded and actively maintain the Nexus Repository Manager project which has evolved into the world’s most popular binary repository manager with FREE support for all formats.

Separately, as stated by JFrog, it’s true that Sonatype has been actively expanding the Nexus platform beyond traditional repository manager features.  Specifically, we’ve pioneered the concept of software supply chain automation and have delivered innovative policy controls to enable engineering teams to automatically find and fix open source vulnerabilities early and everywhere across the DevOps pipeline.

Source link

The post #cybersecurity | #hackerspace |<p> Sonatype Nexus is Rising Above the Swamp <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Sponsored Link: http://youtube.com/no1hacker

http://twiter.com/gregorydevans