Sonatype ushers in new era of application security aimed at eliminating risk in the modern software supply chain

SD Times

Published: April 30, 2013 08:00

Sonatype, the leader in Component Lifecycle Management (CLM), today introduced a revolutionary new approach to application security which significantly reduces the risk in using freely available, open source software (OSS) components. Sonatype CLM is the first and only solution to secure the entire component lifecycle – from design, development and deployment through production operations.

Sonatype CLM directly addresses the Open Web Application Security Project (OWASP) Top Ten for 2013. The definitive resource for application and mobile security best practices, OWASP Top Ten for the first time includes provision A9: using components with known vulnerabilities.

For years, software developers have been using free, open-source components to speed software development and reduce costs. The usage of components is now so commonplace that more than eight billion components were downloaded from Sonatype’s Central Repository in 2012 alone. Most modern software applications are built by stringing together these components – roughly 80 percent of an application is composed of open-source components, with the remaining 20 percent being proprietary components and written code.
