Sonatype News

Sonatype, the end-to-end software supply chain security platform, and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever. Together, Sonatype’s Software Composition Analysis (SCA) solutions and Static and Dynamic Application Security Testing (SAST/DAST) from Fortify by OpenText offer a comprehensive, integrated security solution spanning the entire software development...

Sonatype, the end-to-end software supply chain security platform, announced that Sonatype SBOM Manager, its Enterprise-Class Software Bill of Materials (SBOM) solution, and its pre-eminent artefact repository manager, Nexus Repository, is now available in AWS Marketplace, a digital catalogue with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS). AWS customers will now have...

Sonatype, the software supply chain optimisation company, announced an integration with ServiceNow, the AI platform for business transformation, to incorporate Sonatype Lifecycle software composition analysis and open-source vulnerability scans directly into existing workflows. This accelerates the response to application vulnerabilities, particularly in open-source software components, enhancing security measures and remediation efforts across enterprise environments. Unified vulnerability ma...

Working with the world’s largest enterprises and global policymakers to address the complexities of optimising software supply chain with SBOMs (Software Bill of Materials), Sonatype announced SBOM Manager. This industry-first solution provides an integrated approach to managing SBOMs from third-party vendors, alongside those SBOMs created for their software, powered by Sonatype’s unique data and security research. Compliance and cybersecurity By enabling comprehensive optimi...

Sonatype, the software supply chain optimisation company, announced artificial intelligence and machine learning (AI/ML) component detection, a first-of-its-kind capability, available as part of Sonatype Lifecycle. This technology fundamentally changes the way organisations select and monitor AI/ML software components, enabling them to accelerate software development while effectively managing the risks associated with AI. Usage of AI/ML Components The adoption of AI, particularly genera...

Sonatype, the globally renowned provider of innovation-friendly open source security tools, has announced entering into a strategic partnership with Fugue, the company putting engineers in command of cloud security, to deliver the first Infrastructure-as-code (IaC) solution that shifts cloud security left into the developer workflow. Sonatype and Fugue partnership The partnership further advances the missions of Sonatype and Fugue to empower software developers with best-in-class tools so they...