
Sonatype’s platform debuts on AWS Marketplace, protecting the supply chain against open source risk

Sonatype, the end-to-end software supply chain security platform, is announcing the debut of two of its solutions—Sonatype SBOM Manager and Nexus Repository—on the AWS Marketplace. Now, AWS customers can access the full Sonatype platform—including Sonatype Firewall Repository’s open source malware protection and Sonatype Lifecycle’s software composition analysis solution—to secure and streamline software supply chains.

This release enables joint Sonatype and AWS customers to easily procure and manage the full Sonatype platform from directly within the AWS Marketplace. With access to streamlined software bill of materials (SBOM) collection, monitoring, and compliance, AWS customers benefit from automatic malicious code and open source malware blocking, frictionless policy enforcement, improved incident response times, and accelerated code delivery, according to Sonatype.

"In today's world, where enterprise software is constituted of more than 85% open source, and secure development regulations are increasing, organizations need a trusted partner like Sonatype to empower their developers to innovate securely at lightning speed," said Mitchell Johnson, chief product development officer at Sonatype. "With Sonatype’s full platform and suite of solutions available in AWS Marketplace, we're making it easier than ever for businesses to harness the power of open source and fortify their software supply chains against risk, all powered by Sonatype’s unrivaled open source data and security research."

The Sonatype SBOM Manager is an enterprise-class SBOM solution that merges Sonatype’s best-in-class component scanning and comprehensive open source (OSS) data intelligence with SBOM management support. It automates and reduces the friction of requesting, auditing, distributing, and monitoring third-party SBOMs, and provides a centralized repository for SBOMs to help enterprises keep pace with new software security regulations.

Nexus Repository, an artifact repository manager, empowers software developers to scale and manage components and binaries and build artifacts across the entire software supply chain with ease. Offering a central repository for teams to rapidly and reliably build and publish cache components, Nexus Repository connects natively to all popular package managers, according to Sonatype.

Sonatype's AI-powered Repository Firewall works to detect and block over 2,1000 intentionally malicious components, ensuring that malware cannot infect the software supply chain or upstream systems. Additionally, Sonatype’s platform is supported by a deep understanding of open source components and their vulnerabilities, offering precise identification and mitigation of risks as well as unrivaled dependency management, according to the vendor.

To learn more about Sonatype, please visit https://www.sonatype.com/.
