Study shows high performance engineering teams release 15x more often and remediate open source vulnerabilities 26x faster
Fulton, Md. - August 12, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today released its sixth annual State of the Software Supply Chain Report.
Study also finds 51% of organizations require more than a week to remediate new zero day vulnerabilities
Fulton, Md. - August 12, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today released its sixth annual State of the Software Supply Chain Report. This year’s report found a massive 430% surge in next generation cyber attacks aimed at actively infiltrating open source software supply chains.
Fulton, MD – June 4, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today published Healthcare industry-specific findings from its seventh annual DevSecOps Community Survey. The survey pulls back the curtain on successful DevSecOps practices and secure coding, and highlights trends in different verticals, including Healthcare.
Fulton, MD – June 4, 2020 — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today published the Financial Services industry findings from its seventh annual DevSecOps Community Survey. The data look at DevOps practices in financial services and reveal connections between organizations’ adoption of DevOps practices, developer happiness and secure development.
Fulton, MD – June 4, 2020 — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today released government-specific findings from its seventh annual DevSecOps Community Survey. The survey pulls back the curtain on successful DevSecOps practices and secure coding, and highlights trends in different verticals, including government.
Fulton, MD – June 4, 2020 — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today published Technology industry-specific findings from its seventh annual DevSecOps Community Survey, which was launched earlier this year. The findings, which delve into successful DevSecOps practices across sectors including technology, show a link between mature DevOps practices, job satisfaction among developers and strong security processes.
Fulton, MD – May 21, 2020 — The UK is experiencing a significant decline in software development activity during the COVID-19 crisis, according to data today released by Sonatype, the company that scales DevOps through open source governance and software supply chain automation. After analysing software development activity in seven key regions – the UK, the US, China, Germany, Spain, Italy, and India – Sonatype discovered that software development activity in the UK decreased by 28% since February 29th 2020. However despite this decline, the recent recovery of Chinese software development indicates that the UK is likely to rebound swiftly.
Fulton, MD – May 14, 2020 -- Sonatype, the market leader in open source governance and software supply chain management, today announced that Brooke Motta and Shawn Basak have joined the company’s executive leadership team. In her role, Brooke will oversee sales of Sontype’s Nexus Platform for the western region of the United States. Shawn will manage and execute value creation programs and strategic transformation initiatives across the enterprise.
“We are excited to have Brooke join us with her deep cybersecurity and industry expertise. Additionally, Shawn’s extensive knowledge of the software composition analysis (SCA) space and experience aligning customer goals and leading growth strategies will serve us well as we continue to scale our business in the months and years ahead”, said Wayne Jackson, CEO of Sonatype.
Fulton, MD – May 13, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced native support for eleven new ecosystems, including C/C++, R, Swift and Objective-C. By continuing to expand support for the most popular component formats, Nexus Lifecycle and Nexus Firewall help millions of developers automatically keep flawed open source components from entering — or being used across — their DevOps pipeline.
New natively supported package manager ecosystems, include: Alpine, Bower*, Cargo (Rust), CocoaPods (Swift and Objective-C), Composer (PHP), Conan (C/C++), Conda, CRAN (R), Debian, Drupal, and rpm**. With these additions, Sonatype now supports 38 different languages and package formats.
McLean, VA – April 16, 2020 — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, has collaborated with over 40 other companies and community supporters to produce a special edition of All Day DevOps, the world’s largest DevOps conference. With the majority of the world's DevOps community now working from home, ADDO, now in its fifth year, has created a “Spring Break Edition” in response to the COVID-19 pandemic. The conference will live stream for 10 hours, starting at 6:00 am ET on April 17, 2020. The previous ADDO conference held on November 12, 2019, featured over 150 keynotes and sessions and attracted nearly 40,000 attendees, including 84 Fortune 100.
