Product News : Sonatype's New Software Release Determines OSS Risk
on 2014/11/18 11:16:21

Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a new version of its Component Lifecycle Management (CLM) software. In an industry first, developers can now avoid security risks without missing business-critical delivery deadlines.

While the availability of open source components has dramatically accelerated application development and release schedules, developers are using billions of open source components of unknown origin and risk annually. As a result, many applications containing high-profile, known vulnerabilities, such as Struts2, are being released into the wild on a daily basis. To date, there has been no way to track and trace these known bad components or their dependencies and still keep pace with today's agile development requirements. Now, that is no longer the case.

"Developers frequently complain that the security world doesn't get it," said Wayne Jackson, CEO of Sonatype. "Application security must work at the speed of development or it won't work. And businesses rely on this speed to compete and thrive. We always have the developer community top-of-mind as we enhance our CLM software to keep applications secure without putting release schedules at risk and slowing the speed of business."

This new version of CLM provides unprecedented visibility across development teams working with Java, NPM, and NuGet open source components. CLM also provides visibility into where risk resides across market-leading DevOps tools including Maven, Nexus, Hudson, Jenkins, Bamboo, Sonar, and Eclipse.


Copyright (c) 2007-2014 Martinig & Associates | Methods & Tools Software Development Magazine