FULTON, Md., July 23, 2024 (GLOBE NEWSWIRE) — Sonatype, an end-to-end software supply chain security platform, today announced that its enterprise-class software bill of materials (SBOM) solution, Sonatype SBOM Manager, and its preeminent artifact repository manager, Nexus Repository, are now available on AWS Marketplace, a digital catalog of thousands of software listings from independent software vendors that makes it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
AWS customers will now have access to the complete Sonatype platform, including open source malware protection from the Sonatype Firewall Repository and software composition analysis solutions from Sonatype Lifecycle, directly within AWS Marketplace. With Sonatype’s availability, AWS customers can streamline the purchasing and management of the complete Sonatype platform within their AWS Marketplace account.
AWS customers can now manage open source components and risk throughout the software development lifecycle (SDLC) at the enterprise level, eliminating uncertainty in SBOM collection, monitoring, and compliance, automatically blocking malicious code and open source malware, streamlining policy enforcement, reducing incident response times, and accelerating code delivery. Enterprises partnering with Sonatype benefit from 26x faster identification and remediation of open source software (OSS) components, a 70% reduction in the exploitable window for adversary attacks, and 99% less developer time spent researching, securing approvals, and downloading quality OSS components.
“In today’s world, where more than 85% of enterprise software is made up of open source and secure development regulations are on the rise, organizations need trusted partners like Sonatype to enable developers to innovate safely and at incredible speed,” said Mitchell Johnson, chief product development officer at Sonatype. “With Sonatype’s complete platform and solution suite available on AWS Marketplace, it’s easier than ever for companies to harness the power of open source and harden their software supply chain against risk, all made possible by Sonatype’s unmatched open source data and security research.”
With Sonatype available on AWS Marketplace, here’s what you can expect:
Fast and reliable SBOM compliance at scale: Sonatype SBOM Manager combines Sonatype’s best-in-class component scanning and comprehensive open source (OSS) data intelligence with market-leading SBOM management support. It streamlines and automates the requesting, auditing, distribution and monitoring of your organization’s first- and third-party SBOMs. And by creating a centralized repository of SBOMs, organizations can easily comply with new software security regulations.
The world’s leading artifact repository: Built by the founders and maintainers of Maven Central, Sonatype Nexus Repository empowers software development teams to efficiently scale and manage components, binaries and build artifacts across the software supply chain. This enables teams to build quickly and reliably, and publish and cache components in a central repository that natively connects to all popular package managers.
Only Open Source Malware Detection Solution: Sonatype’s artificial intelligence (AI)-powered repository firewall detects and blocks over 2,100 malicious components each month, preventing malware from entering the software supply chain and infecting upstream systems.
Extended Software Composition Analysis (SCA): Sonatype’s deep understanding of open source components and their vulnerabilities allows it to accurately identify and mitigate risk throughout the software development lifecycle.
Unparalleled Dependency Management: Sonatype helps organizations understand and control the complex relationships between software dependencies, ensuring a secure and reliable foundation for applications.
Sonatype’s proprietary and unique data, accumulated from the analysis of hundreds of millions of open source components, provides unparalleled insight into the open source landscape. This information enables Sonatype to deliver the most accurate and comprehensive software supply chain security solutions on the market, enabling organizations to innovate faster and with confidence, without open source risk.
To learn more about Sonatype’s end-to-end software supply chain security solutions, please visit AWS Marketplace or the Sonatype website.
About Sonatype
Sonatype is a software supply chain security company. Combining the only proactive protection against malicious open source, the only enterprise-grade SBOM management, and the leading open source dependency management platform, we deliver the world’s best end-to-end software supply chain security solution, enabling companies to create and maintain secure, high-quality, innovative software at scale. As founders of the Nexus Repository, the world’s largest Java open source software repository, and stewards of Maven Central, we are software pioneers and our open source expertise is unmatched. We foster innovation with an unmatched commitment to building faster, more secure software and leveraging AI and data intelligence to reduce risk, maximize efficiency, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. For more information about Sonatype, visit www.sonatype.com.