
Findings from the Study of 36,000 OSS Projects | Press Release


Press Releases

The latest news about Sonatype.

 

Sonatype Delivers First-of-Its-Kind Automated Malware Prevention For Open Source Libraries

Nexus Intelligence research engine now automatically detects counterfeit and malicious code injections into open source software supply chains

Fulton, MD – Tuesday, Sept. 24, 2019 – Today, Sonatype, the inventors of software supply chain automation, announced it has developed new early warning capabilities to detect malicious releases of open source components, known as “counterfeit components,” and block their use within modern software factories. The patent-pending technology, part of the next generation of Sonatype’s Nexus Intelligence, monitors millions of open source projects in real-time to identify abnormal development behavior and suspicious patterns as new component versions are released.

Micro Focus Expands Its Strategic Partnership with Sonatype, Offering Fortify Customers Best-in-Class Open Source Security

New Joint Solution Delivers a Single, Fully Integrated Application Security Platform for Managing Open Source Risk and Vulnerabilities for Fortify on Demand and Fortify On-Premise

SANTA CLARA, CA -- Sept. 9, 2019 – Micro Focus (LSE: MCRO; NYSE: MFGP) today announced an expanded strategic partnership with Sonatype to provide the combined power of Micro Focus' application security as a service, Fortify, and Sonatype's leading automated open source governance solution, to even more customers. The new relationship, which promotes Sonatype as Fortify's preferred Software Composition Analysis (SCA) partner, delivers the advantages of a single, fully integrated application security platform, without compromising depth and capability in managing open source risk and vulnerabilities.

Sonatype Embraces Go: A Fully Automated Security Solution for the Fast-Growing Programming Language

The Nexus Platform now enables Go development teams to automatically control open source risk across the entire software development lifecycle

SAN DIEGO – GopherCon - July 24, 2019 -- Today, Sonatype, the inventors of software supply chain automation, announced full support for Go (Golang) across the Nexus Platform, giving Go development teams an easy way to manage Go packages and automatically eliminate security risk across the entire software development lifecycle, including production applications. With the addition of Go, the Nexus Platform now supports 42 programming languages and package formats, further meeting the diverse needs of enterprise development teams.

The “2019 State of the Software Supply Chain Report” Reveals Best Practices of 36,000 Open Source Software Development Teams

An additional study of 12,000 commercial software engineering teams identified key characteristics of exemplary secure coding practices

LONDON – DevOps Enterprise Summit - June 25, 2019 -- Sonatype today released its fifth annual State of the Software Supply Chain Report. This year’s report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it also examines the rapidly expanding supply and continued exponential growth in consumption of open source components.

Sonatype's Nexus User Conference Brings Together 2,000 DevSecOps Leaders at a Free, Live-Streamed Event

The June 12 Conference Features 44 Nexus Innovators, Customers and Industry Leaders

Fulton, MD – June 10, 2019 -- Sonatype, the inventors of software supply chain automation, will host its second annual Nexus User Conference on June 12, 2019. The free, live, and online event will bring together more than 2,000 DevOps and DevSecOps practitioners to galvanize the industry and share actionable insights, technical how-to’s, and first-hand stories about DevSecOps transformations.

Sonatype Introduces New Capabilities for Red Hat Quay to Ensure Continuous Container Security for Open Source Solutions

BOSTON - Red Hat Summit – May 7, 2019 - Sonatype, the inventors of software supply chain automation, announced new capabilities for Red Hat Quay enterprise container registry enabling modern organizations to automate and enforce open source governance policies in the containerized applications they use every day.

Sonatype Named to Best Workplace Lists by Both Washingtonian Magazine and Battery Ventures

Company CEO also Chosen as a Tech10 Honoree by Baltimore Business Journal

Fulton, Md. – April 29, 2019 – Sonatype, the inventors of software supply chain management, is proud to announce it's been named one of the 50 Highest Rated Private Cloud Computing Companies on Glassdoor by Battery Ventures and one of Washingtonian Magazine's 50 Great Places to Work.

Sonatype and HackerOne Join Forces to Make Open Source More Secure

Pioneering program makes reporting open source vulnerabilities easier than ever

Fulton, Md. – March 21, 2019 – Sonatype, the inventors of software supply chain management, today announced a partnership with HackerOne, the leading hacker-powered security platform, to create The Central Security Project (CSP). The first-of-its-kind program brings together the ethical hacker and open source communities to streamline the process for reporting and resolving vulnerabilities discovered in libraries housed in The Central Repository, the world’s largest collection of open source components.

5,558 IT Professionals Shed Light on the Characteristics of High-Performing DevSecOps Practices

2019 DevSecOps Community Survey shows mature programs are 700% more likely to automate security, as adversaries accelerate pace

SAN FRANCISCO - RSA Conference – March 4, 2019 – Sonatype, the inventors of software supply chain automation, today published findings from its 6th annual DevSecOps Community Survey of 5,558 IT professionals, making it the largest DevSecOps survey ever conducted. The survey, developed in partnership with CloudBees, Carnegie Mellon’s Software Engineering Institute, Signal Sciences, 9th Bit, and Twistlock, unveiled a new portrait of what organizations with elite DevSecOps programs look like in the face of accelerating attacks from bad actors.

Sonatype's Nexus Firewall Now Also Protects JFrog Artifactory

World’s First Application Security Solution that Universally Protects DevOps Pipelines from Vulnerable Open Source Components

Fulton, MD. – February 28, 2019 – Sonatype, the inventors of software supply chain management, announced today that Nexus Firewall is now available to JFrog customers to automatically stop vulnerable open source components from entering into Artifactory Repository Managers.