Sonatype promotes new product enhancements with intelligent software security

Company Introduces Enhanced Product Capabilities and an Evolved Platform to Meet Growing Demand for Software Supply Chain Security Solutions

Sonatype, the pioneer in software supply chain management, has announced new features for Sonatype Repository Firewall, Sonatype Nexus Repository, and Sonatype Lifecycle. These enhancements are intended to provide organizations with greater control over their software development life cycle (SDLC) while meeting the evolving requirements of DevSecOps – enabling developer teams and their organizations to deliver innovative software in a safer, quicker, and more comprehensive manner.

New Sonatype product attributes comprise:

• Additional Cloud Delivery Options

Sonatype Lifecycle and Sonatype Repository Firewall on AWS Marketplace simplify procurement. Sonatype Repository Firewall is now available as a SaaS offering, making onboarding easier than ever before.

• Streamlined User Experience

Easily manage open source risk with Sonatype Lifecycle’s enhanced navigation, compatibility enhancements, and expanded support for arbitrary characters. Sonatype Repository Firewall enhancements include more streamlined views and enhanced discoverability of specific repositories and violations to facilitate automated policy enforcement.

• Simplified Onboarding and Administration

Effectively manage the Sonatype Nexus Repository induction process with improved privilege administration and Quick Action to speed up common tasks, including mapping blob storage and connecting new proxy repositories. With the new Sonatype Repository Firewall integration experience, Nexus Repository can be equipped with AI-enhanced malware protection and vulnerability scanning in minutes.

• Enhancements to Search Capabilities

Easily connect new proxy repositories with Sonatype Nexus Repository’s streamlined connectivity. Additional enhancements include the ability to search for dates and times, as well as quicker component repository selection, which contribute to a more intuitive and user-friendly experience.

• Deeper Customization Capabilities

Sonatype Lifecycle users now have the ability to customize CVSS Vector Strings, Severity, and CWE-IDs for their environment, organization, and deployments, among other vulnerability details.

• Enhanced Observed License Coverage

Using the most recent machine learning (ML) models, Sonatype Lifecycle has enhanced observed license detection with its Advanced Legal Pack, enabling businesses to meet OSS license compliance obligations without sacrificing development velocity.

Block pernicious open source at the door with enhanced AI and ML-driven malicious package detection in Sonatype Repository Firewall.

In the swiftly transforming digital landscape of the present day, organizations are in an ongoing process of innovation to maintain their competitive advantage, making speed the most crucial factor for success. In addition to serving as a business-critical function to drive innovation and revenue, software developers also play a crucial role in fortifying ecosystems against relentless cyber threats, according to Sonatype’s Chief Product Development Officer, Mitchell Johnson. With these enhanced product features, Sonatype empowers developers and engineering teams to increase productivity without compromising security. Teams can identify and mitigate risk earlier, innovate more quickly, and create software without dread.

Sonatype’s revolutionary software supply chain management platform enables clients to promptly develop, deploy, and maintain innovative software at scale. Sonatype is relied upon by over 2,000 organizations, including 70% of the Fortune 500 and 15 million software developers, to be ambitious, move quickly, and do so securely according to sources. 

“Sonatype’s forward-thinking, industry-leading approach to software supply chain security is consistently recognized,” said Alex Berry, Sonatype’s president.