Sonatype Launches End-to-End Software Supply Chain Security Platform Availability in AWS Marketplace
July 23, 2024 - 11:45PM
Sonatype, the end-to-end software supply chain security
platform, today announced that Sonatype SBOM Manager, its
Enterprise-Class Software Bill of Materials (SBOM) solution, and
its preeminent artifact repository manager, Nexus Repository, are
now available in AWS Marketplace, a digital catalog with thousands
of software listings from independent software vendors that make it
easy to find, test, buy, and deploy software that runs on Amazon
Web Services (AWS).
AWS customers will now have access to the full Sonatype
platform, including Sonatype Firewall Repository’s open source
malware protection and Sonatype Lifecycle’s software composition
analysis solution, directly within AWS Marketplace. Sonatype’s
availability provides AWS customers with the ability to streamline
the purchase and management of the full Sonatype platform within
their AWS Marketplace account.
AWS customers can now manage open source components and risk
throughout the software development life cycle (SDLC) at the
enterprise level. This helps eliminate uncertainty in SBOM
collection, monitoring, and compliance, automatically blocks
malicious code and open source malware, streamlines policy
enforcement, enhances incident response times, and accelerates code
delivery. Enterprises partnering with Sonatype benefit from 26x
faster identification and remediation of open source software (OSS)
components, a 70% reduction in exploitability windows from
adversary attacks, and a 99% decrease in developer time spent on
researching, securing approval, and downloading quality OSS
components.
"In today's world, where enterprise software is constituted of
more than 85% open source, and secure development regulations are
increasing, organizations need a trusted partner like Sonatype to
empower their developers to innovate, securely at lightning speed,"
said Mitchell Johnson, Chief Product Development Officer at
Sonatype. "With Sonatype’s full platform and suite of solutions
available in AWS Marketplace, we're making it easier than ever for
businesses to harness the power of open source and fortify their
software supply chains against risk, all powered by Sonatype’s
unrivaled open source data and security research."
With Sonatype available in AWS Marketplace, you can expect:
- Rapid, Reliable SBOM Compliance at Scale:
Sonatype SBOM Manager brings Sonatype’s best-in-class component
scanning and comprehensive open source (OSS) data intelligence
together with market-leading SBOM management support. It
streamlines and automates the requesting, auditing, distributing,
and monitoring of an organization’s first- and third-party SBOMs.
And, by creating a centralized repository for SBOMs, organizations
can easily keep up with emerging software security
regulations.
- World’s Leading Artifact Repository: Built by
the founders and stewards of Maven Central, Sonatype Nexus
Repository empowers software development teams to efficiently scale
and manage components, binaries, and build artifacts across their
entire software supply chain. It enables teams to build quickly and
reliably and publish and cache components in a central repository
that connects natively to all popular package managers.
- The Only Open Source Malware Detection
Solution: Sonatype's artificial intelligence (AI)-powered
Repository Firewall detects more than 2,100 intentionally malicious
components every month, and blocks them, preventing malware from
entering the software supply chain and infecting upstream
systems.
- Expanded Software Composition Analysis (SCA):
Sonatype's deep understanding of open source components and their
vulnerabilities enables precise identification and mitigation of
risks throughout the software development lifecycle.
- Unrivaled Dependency Management: Sonatype
empowers organizations to understand and control the complex
relationships between software dependencies, ensuring a secure and
reliable foundation for applications.
Sonatype's proprietary and unique data, amassed from analyzing
hundreds of millions of open source components, provides
unparalleled insights into the open source landscape. This
information enables Sonatype to deliver the most accurate and
comprehensive software supply chain security solutions available in
the market, giving organizations the assurance to innovate
confidently and quickly, without open source risk.
Learn more about Sonatype's end-to-end software supply chain
security solutions in AWS Marketplace or on the Sonatype
website.
About Sonatype
Sonatype is the software supply chain security company. We
provide the world’s best end-to-end software supply chain security
solution, by combining the only proactive protection
against malicious open source, the only enterprise-grade SBOM
management and the leading open source dependency management
platform. This empowers enterprises to create and maintain secure,
quality, and innovative software at scale. As founders of Nexus
Repository and stewards of Maven Central, the world’s largest
repository of Java open-source software, we are software pioneers
and our open source expertise is unmatched. We empower innovation
with an unparalleled commitment to build faster, safer software and
harness AI and data intelligence to mitigate risk, maximize
efficiencies, and drive powerful software development. More than
2,000 organizations, including 70% of the Fortune 100 and 15
million software developers, rely on Sonatype to optimize their
software supply chains. To learn more about Sonatype, please visit
www.sonatype.com.
Elissa Walters
Sonatype
ewalters@sonatype.com