New cloud platform aims to improve supply chain management
A new platform from Sonatype is designed to make it easier for developer and security teams to unite and build innovative software securely.
It delivers an Application Security Testing (AST) and Software Composition Analysis (SCA) tool that offers cloud, self-hosted, and disconnected deployment options -- giving control and flexibility to its customers.
Using proprietary intelligence, industry-leading research, and AI behavioral analysis, it aims to help organizations manage their software supply chains to deliver products faster and with safer open source components.
"As the use of open source software in modern applications continues to increase, so does the risk from malware and other vulnerabilities. Software supply chain attacks have jumped an astonishing 742 percent per year, on average, over the past three years," says Mitchell Johnson, chief product development officer at Sonatype. "There has never been a greater need for the ability to detect code quality and implement security at the point of creation. Sonatype is answering that need and more, allowing developers, engineering teams, and enterprises to build software fearlessly in the environment that best works for them."
Using a behavioral AI-driven component firewall, Sonatype can automatically block malware from entering the software development lifecycle (SDLC). The platform also provides security policy automation with instant developer feedback at all stages of the development process.
"With Sonatype, there is no trade-off between risk management and productivity. Over 2,000 organizations and 15 million software developers already rely on Sonatype's industry-leading platform to deliver and maintain secure, exceptional software," says Alex Berry, president at Sonatype. "Expanding our deployment options not only gives customers convenience and flexibility, but complete control. We’re thrilled to help even more organizations shift security left and automate their software supply chain management."
You can find out more on the Sonatype site.