Sonatype Further Expands Coverage of Nexus Platform

Nexus Lifecycle and Nexus Firewall add native support for eleven additional ecosystems

Fulton, MD, May 13, 2020 (GLOBE NEWSWIRE) -- Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced native support for eleven new ecosystems, including C/C++, R, Swift, and Objective-C. By continuing to expand support for the most popular component formats, Nexus Lifecycle and Nexus Firewall help millions of developers automatically keep flawed open source components from entering — or being used across — their DevOps pipeline. 

New natively supported package manager ecosystems include: Alpine, Bower*, Cargo (Rust), CocoaPods (Swift and Objective-C), Composer (PHP)*, Conan (C/C++)*, Conda, CRAN (R), Debian, Drupal**, and rpm**. With these additions, Sonatype now supports 38 different languages and package formats.

Sonatype’s 2020 DevSecOps Community Survey revealed that one in five organizations experienced an open source-related breach in the past twelve months. While the use of open source components accelerates innovation, companies must avoid unwittingly introducing known vulnerable components that can quickly lead to application breaches.

“In the past two weeks, hackers have successfully exploited known vulnerable open source components with a number of high-profile breaches. The elapsed time between vulnerability disclosure and exploit was about three days,” said Brian Fox, CTO of Sonatype. “Our automated open source governance solutions allow engineering and security teams to manage third-party risk by automatically controlling how open source components are being utilized across every phase of their SDLC.”

Nexus Lifecycle and Nexus Firewall, two products within the Nexus Platform, are designed to complement Nexus Repository OSS and Pro users. Benefits, harnessed by customers such as Equifax, ABN-AMRO, and Bloomberg Industry Group, include:

  • Automatically enforce open source security policies at the earliest point in the software development lifecycle.
  • Automatically identify and remediate vulnerable open source components during the active development and test phases of the development lifecycle.
  • Automatically find and fix vulnerable open source components in production applications at the end of the development lifecycle.

*Support in Nexus Firewall only

**Support in Nexus Lifecycle only

About Sonatype

Sonatype is the leader in software supply chain automation technology with more than 350 employees, over 1,000 enterprise customers, and is trusted by more than 10 million software developers. Sonatype’s Nexus platform enables DevOps teams and developers to automatically integrate security at every stage of the modern development pipeline by combining in-depth component intelligence with real-time remediation guidance. For more information, please visit Sonatype.com, or connect with us on Facebook, Twitter, or LinkedIn.

###

Cole Garry
Mission North for Sonatype
480-818-0734
sonatype@missionnorth.com