Fulton, Md. – November 20, 2024 – Sonatype®, the end-to-end software supply chain security platform, and OpenTextTM (NASDAQ: OTEX) are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever. Together, Sonatype’s industry-leading Software Composition Analysis (SCA) solutions and Static and Dynamic Application Security Testing (SAST/DAST) from Fortify by OpenText offer a comprehensive, integrated security solution spanning the entire software development lifecycle.
Sonatype’s 2024 State of the Software Supply Chain® Report found that in 2024, some critical vulnerabilities took more than 500 days to fix. By combining Sonatype’s open source governance with Fortify’s advanced application security testing, organizations can detect, prevent, and remediate vulnerabilities with maximum efficiency. Enterprises leveraging this integrated solution experience:
End-to-end software supply chain security: Robust protection for both open source and proprietary code, ensuring comprehensive coverage across the entire application stack from the first line of code to production.
Streamlined DevSecOps practices: Automated security checks seamlessly integrate into CI/CD pipelines, ensuring that developers can maintain their velocity without compromising security.
Automated efficiency: AI-powered tooling to streamline auditing, security prioritization, licensing, and more across custom code and open source.
Optimized risk mitigation and compliance: Early detection of security issues, unified reporting, and prioritized remediation, helping organizations meet regulatory requirements and manage risks effectively at scale.
"At Sonatype, we’re dedicated to empowering organizations to take ownership over their software supply chain security without sacrificing speed and agility. Partnering with like-minded organizations like OpenText is critical to furthering this mission,” said Tyler Warden, Vice President of Product at Sonatype. “In uniting our innovative SCA solutions with Fortify’s proprietary code security tools to create this single pane of glass platform, we make it easier for developers and security teams to eliminate technical debt, maintain visibility, and quickly respond to security risks.”
Last week, Sonatype was recognized as a leader in The Forrester Wave™: Software Composition Analysis Software, Q4 2024, with the highest possible marks for Component Identification and Analysis, Component Health, and Software Development Tool Chain Integration, among other criteria. According to Forrester, “Sonatype is an excellent choice for enterprises looking to manage dependency, license, operational, and malicious package risk across the portfolio.”
“The best partnerships lean into each organization’s unique strengths in support of a common goal. Sonatype and OpenText offer best-in-class code security solutions that, when combined, streamline security across the entire software development lifecycle,” said Dylan Thomas, Senior Director of Engineering and Product for Application Security at OpenText. "I am excited for our continued joint evolution and innovation to enable safe, secure, and fast software development.”
Hundreds of global organizations leverage the integrated Sonatype and Fortify by OpenText solution to be ambitious, move fast and do it securely. To learn more about Sonatype, visit www.sonatype.com.
OpenText™ is the leading Information Management software and services company in the world. We help organizations solve complex global problems with a comprehensive suite of Business Clouds, Business AI, and Business Technology. For more information about OpenText (NASDAQ/TSX: OTEX), please visit us at www.opentext.com.
Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, by combining the only proactive malicious protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. To learn more about Sonatype, please visit www.sonatype.com.