artifact-repository
Safeguard articles tagged "artifact-repository" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Sonatype vs JFrog Xray: A Neutral Comparison for 2026
Sonatype and JFrog Xray both secure the software supply chain from the artifact repository outward, but they anchor to different platforms and philosophies. An honest side-by-side, plus a third option.
Artifactory vs Nexus for Enterprise in 2025
JFrog Artifactory and Sonatype Nexus both remain viable enterprise artifact repositories in 2025. A head-to-head on scale, security, and the decision factors that actually matter.
Maven Central Changes in 2024 and Their Security Impact
Sonatype made several Maven Central changes in 2024 that materially affected the Java supply chain. A rundown of what changed, who was affected, and what Java teams should do.
JFrog Artifactory Hardening Guide
Artifactory is the most common artifact repository in enterprise. It is also a default-permissive system where misconfigurations compound. A concrete hardening guide.