Fulton, MD – June 2, 2020 -- Sonatype, makers of open source governance and software supply chain management solutions, today released three integrations to automate DevSecOps practices for Atlassian customers. The Nexus platform integrations will help Atlassian customers improve secure coding practices and enhance application security as organizations seek to innovate faster and build higher quality applications at scale.
To accelerate the delivery of new features and applications, developers are increasingly reliant on open source components. While eighty to ninety percent of a modern application is built from these open source software building blocks, 28% of developers acknowledge security breaches associated with the components they use. To help developers build safer applications faster, Sonatype is delivering three new Nexus platform integrations for Atlassian customers:
Fulton, MD – May 21, 2020 -- The UK is experiencing a significant decline in software development activity during the COVID-19 crisis, according to data today released by Sonatype, the company that scales DevOps through open source governance and software supply chain automation. After analysing software development activity in seven key regions – the UK, the US, China, Germany, Spain, Italy, and India – Sonatype discovered that software development activity in the UK decreased by 28% since February 29th 2020. However despite this decline, the recent recovery of Chinese software development indicates that the UK is likely to rebound swiftly.
Brooke Motta joins as VP Sales and Shawn Basak joins as VP Strategic Programs.
Fulton, MD – May 14, 2020 -- Sonatype, the market leader in open source governance and software supply chain management, today announced that Brooke Motta and Shawn Basak have joined the company’s executive leadership team. In her role, Brooke will oversee sales of Sontype’s Nexus Platform for the western region of the United States. Shawn will manage and execute value creation programs and strategic transformation initiatives across the enterprise.
“We are excited to have Brooke join us with her deep cybersecurity and industry expertise. Additionally, Shawn’s extensive knowledge of the software composition analysis (SCA) space and experience aligning customer goals and leading growth strategies will serve us well as we continue to scale our business in the months and years ahead”, said Wayne Jackson, CEO of Sonatype.
Nexus Lifecycle and Nexus Firewall add native support for eleven additional ecosystems.
Fulton, MD – May 13, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced native support for eleven new ecosystems, including C/C++, R, Swift and Objective-C. By continuing to expand support for the most popular component formats, Nexus Lifecycle and Nexus Firewall help millions of developers automatically keep flawed open source components from entering — or being used across — their DevOps pipeline.
New natively supported package manager ecosystems, include: Alpine, Bower*, Cargo (Rust), CocoaPods (Swift and Objective-C), Composer (PHP), Conan (C/C++), Conda, CRAN (R), Debian, Drupal, and rpm**. With these additions, Sonatype now supports 38 different languages and package formats.
The 2020 virtual event is connecting work-from-home DevOps practitioners around the globe to participate in a 10-hour conference starting at 6 am ET on April 17
McLean, VA – April 16, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, has collaborated with over 40 other companies and community supporters to produce a special edition of All Day DevOps, the world’s largest DevOps conference. With the majority of the world's DevOps community now working from home, ADDO, now in its fifth year, has created a “Spring Break Edition” in response to the COVID-19 pandemic. The conference will live stream for 10 hours, starting at 6:00 am ET on April 17, 2020. The previous ADDO conference held on November 12, 2019, featured over 150 keynotes and sessions and attracted nearly 40,000 attendees, including 84 Fortune 100.
Annual Survey Finds Happy Coders 3.6X More Likely to Build Secure Applications
Fulton, MD – April 7, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps, pulls back the curtain on successful DevSecOps practices, significant influences on developer satisfaction, trends in secure coding, and application breaches.
Nexus Lifecycle now allows users to scan applications for open source software vulnerabilities, automatically enforce open source governance policies, and easily remediate open source risk for 27 different languages and package formats.
Fulton, MD – March 12, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced it’s further expanded its language coverage within Nexus Lifecycle to include Conan (C/C++), Composer (PHP), and RubyGems (Ruby), including the ability to create and contextually enforce policies. By continuing to increase support for the most popular component formats, Nexus Lifecycle is helping millions of developers and security professionals to automatically govern open source hygiene across every phase of the software development lifecycle (SDLC).
Key Partners from Europe, Middle East, Africa and Russia Honored at 4th Annual Sonatype Partner Awards on March 5th, 2020.
AMSTERDAM – March 5, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, announced its EMEA and International channel partner program grew more than 100% in revenue over the last three years. The company’s rapidly growing channel partner ecosystem, which has helped exponentially expand the reach of its automated DevSecOps platform, will be honored at Sonatype’s Fourth Annual EMEA Partner Summit in Amsterdam.
Enhanced solutions take advantage of new algorithms to better identify security vulnerabilities in open source npm packages
Fulton, MD – February 24, 2020 -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, now includes native support for Helm in Nexus Repository (NXRM). Additional support for developers using Helm Chart Repositories, and by extension Kubernetes, is part of the company’s commitment to strengthening container-based development and ensuring NXRM always enables users to universally manage software libraries and build artifacts.