New research examines growth in open source malware attacks, most prevalent against software developers at government and financial institutions
Fulton, MD — December 5, 2024 — Sonatype®, the end-to-end software supply chain security platform, today announced its integration with Buy with AWS, a new feature now available through AWS Marketplace. AWS Marketplace is a digital store that makes it easy for customers to find, buy, deploy, and manage software and services from Amazon Web Services (AWS) Partners. By implementing Buy with AWS, Sonatype now provides simplified software buying experiences for customers on its website, powered by AWS Marketplace.
Enterprises are now able to request a private offer via AWS directly on Sonatype’s website to help speed up development of innovative software while mitigating risk and protecting against security threats. With Sonatype Repository Firewall, Sonatype Nexus Repository, Sonatype Lifecycle, and Sonatype SBOM Manager available on AWS, even more organizations can easily rely on Sonatype’s industry-leading tools and guidance to be ambitious, move fast and do it securely.
Bringing together best-in-class SCA, SAST, and DAST solutions to deliver holistic view of application security
Fulton, Md. – November 20, 2024 – Sonatype®, the end-to-end software supply chain security platform, and OpenTextTM (NASDAQ: OTEX) are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever. Together, Sonatype’s industry-leading Software Composition Analysis (SCA) solutions and Static and Dynamic Application Security Testing (SAST/DAST) from Fortify by OpenText offer a comprehensive, integrated security solution spanning the entire software development lifecycle.
Fulton, Md. – November 13, 2024 – Sonatype®, the end-to-end software supply chain security platform, is pleased to announce that it has been named a Leader in The Forrester WaveTM: Software Composition Analysis Software, Q4 2024 report. Forrester identified, researched and evaluated 10 top SCA software providers and Sonatype received the highest possible marks in criteria including malicious package detection, SBOM generation, export and sharing, SBOM ingestion and analysis, policy management, and AI component analysis, along with seven others.
Recognized 9 global organizations pioneering software supply chain security
Fulton, Md. – October 28, 2024 – Sonatype®, the end-to-end software supply chain security platform, today announced the winners of the 2024 Elevate Awards, which recognize global leaders and their teams for exemplary collaboration to advance software innovation, and deliver enhancements to reduce open source risk and expedite developer productivity.
A record-breaking year for open source consumption as downloads hit 6.6 trillion, amplifying software supply chain risk
Fulton, Md. – October 10, 2024 – Sonatype®, the end-to-end software supply chain security platform, today released its 10th Annual State of the Software Supply Chain® Report. Sonatype was first to define this market and consistently provides year-over-year analyses of open source consumption data. Sharing these unparalleled insights over the past decade has expedited innovation in software development, as well as propelled Sonatype’s success in bringing industry-first solutions to market.
Fulton, Md. – October 1, 2024 – Sonatype, the end-to-end software supply chain security platform, today announced it has achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes that Sonatype has demonstrated expertise in delivering comprehensive security solutions for modern software development that help customers achieve their cloud security goals.
Fulton, MD – August 3, 2018 -- Sonatype, the leader in automated open source governance, today announced it has been named to the JMP Securities’ Hot 100 list of the hottest privately held software companies for 2018. Compiled annually by JMP, the list profiles the top 100 private companies based on multiple criteria including financial growth, products and services, quality of leadership team and market potential. This is the third time Sonatype has been named to the list.
The newly improved Index is designed to easily integrate with developer tools like Maven Enforcer Plugin and OWASP Dependency Check
Fulton, MD – July 25, 2018 -- Sonatype, the leader in automated open source governance, today announced a revamped and modernized OSS Index to provide developers with free and easily accessible information on known open source vulnerabilities. The Index provides multi-language support, easy implementation through a REST API and native integrations with Maven Enforcer Plugin and OWASP Dependency Check.