Sonatype, the end-to-end software supply chain security platform, announced that Sonatype SBOM Manager, its Enterprise-Class Software Bill of Materials (SBOM) solution, and its pre-eminent artefact repository manager, Nexus Repository, is now available in AWS Marketplace, a digital catalogue with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

AWS customers will now have access to the full Sonatype platform, including Sonatype Firewall Repository’s open-source malware protection and Sonatype Lifecycle’s software composition analysis solution, directly within AWS Marketplace. Sonatype’s availability provides AWS customers with the ability to streamline the purchase and management of the full Sonatype platform within their AWS Marketplace account.

Partnering with Sonatype

Enterprises partnering with Sonatype benefit from 26x faster identification and remediation of OSS

AWS customers can now manage open-source components and risk throughout the software development life cycle (SDLC) at the enterprise level. This helps eliminate uncertainty in SBOM collection, monitoring, and compliance, automatically blocks malicious code and open-source malware, streamlines policy enforcement, enhances incident response times, and accelerates code delivery. 

Enterprises partnering with Sonatype benefit from 26x faster identification and remediation of open source software (OSS) components, a 70% reduction in exploitability windows from adversary attacks, and a 99% decrease in developer time spent on researching, securing approval, and downloading quality OSS components.

Sonatype’s full platform and solutions

"In today's world, where enterprise software is constituted of more than 85% open source, and secure development regulations are increasing, organisations need a trusted partner like Sonatype to empower their developers to innovate, securely at lightning speed," said Mitchell Johnson, Chief Product Development Officer at Sonatype.

"With Sonatype’s full platform and suite of solutions available in AWS Marketplace, we're making it easier than ever for businesses to harness the power of open source and fortify their software supply chains against risk, all powered by Sonatype’s unrivalled open source data and security research.”

Sonatype available in the AWS Marketplace

With Sonatype available in AWS Marketplace, they can expect: 

  • Rapid, Reliable SBOM Compliance at Scale: Sonatype SBOM Manager brings Sonatype’s best-in-class component scanning and comprehensive open source (OSS) data intelligence together with market-leading SBOM management support. It streamlines and automates the requesting, auditing, distributing, and monitoring of an organisation’s first and third-party SBOMs. And, by creating a centralised repository for SBOMs, organisations can easily keep up with emerging software security regulations.
  • World’s Leading Artefact Repository: Built by the founders and stewards of Maven Central, Sonatype Nexus Repository empowers software development teams to efficiently scale and manage components, binaries, and build artefacts across their entire software supply chain. It enables teams to build quickly and reliably and publish and cache components in a central repository that connects natively to all popular package managers.
  • The Only Open Source Malware Detection Solution: Sonatype's artificial intelligence (AI)-powered Repository Firewall detects more than 2,100 intentionally malicious components every month, and blocks them, preventing malware from entering the software supply chain and infecting upstream systems.
  • Expanded Software Composition Analysis (SCA): Sonatype's deep understanding of open source components and their vulnerabilities enables precise identification and mitigation of risks throughout the software development lifecycle.
  • Unrivalled Dependency Management: Sonatype empowers organisations to understand and control the complex relationships between software dependencies, ensuring a secure and reliable foundation for applications.

Supply chain security solutions

Sonatype's proprietary and unique data, amassed from analysing hundreds of millions of open-source components, provides unparalleled insights into the open-source landscape. 

This information enables Sonatype to deliver the most accurate and comprehensive software supply chain security solutions available in the market, giving organisations the assurance to innovate confidently and quickly, without open source risk.

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?