DCAI Secures National AI Supercomputer in Just Weeks

IT Services and IT Consulting

Company Size: Small

The Danish Center for AI Innovation (DCAI) operates at the forefront of technological innovation, providing the critical infrastructure needed to power national research and development. The organization set out to ensure that all containers for its new national AI supercomputer, which would serve over 100 external users and researchers, were secure. 

DCAI's success hinged on its ability to deliver a trusted, high-performance environment where researchers could focus on their work without the burden of component risk analysis. In under two months, DCAI deployed a fully operational and secure repository infrastructure, auditing over 10,000 components and actively quarantining threats, enabling its platform users to innovate with confidence.

Securing DCAI’s Software Supply Chain for its National AI Supercomputer

The shift toward AI-based workloads triggered a massive increase in the use of containerization and a flood of new open source dependencies, particularly from PyPI and yum repositories. The organization's existing open source Nexus instances were already hitting their request limits and lacked the sophisticated security controls needed to manage this new, high-stakes environment.

The Problem

OSS Security Risks
High-Stakes Deadlines
Scalability Challenges
Dependency Overload

Without a centralized and automated way to govern the influx of open source components, the security burden would fall on individual end-users, slowing down critical research and introducing unacceptable levels of risk. DCAI needed a solution that could provide enterprise-wide visibility and control over its software supply chain, eliminate open source vulnerabilities, and scale to handle thousands of daily requests without creating bottlenecks. 

Building a Two-Stage Secure Software Supply Chain

To address these urgent requirements, DCAI selected Sonatype as the security core of its new software supply chain. The implementation focused on deploying Sonatype Nexus Repository and Sonatype Repository Firewall to create a robust, two-stage architecture designed for maximum security and efficiency. This setup established a secure perimeter for all incoming open source components, effectively locking down the development ecosystem from potential threats.

The first stage of the architecture involved a 'connected' environment where Sonatype Repository Firewall was configured to automatically vet every component from public repositories like PyPI. The 'Audit' and 'Quarantine' features were activated immediately, allowing DCAI to gain instant visibility into component risk and automatically block any software that violated its security policies. This proactive defense mechanism was critical for preventing risky components from ever entering their development lifecycle.

“Previously, the security burden was on the end-user. Now, we can pull containers and packages from our repositories with confidence, knowing every component has been vetted by Sonatype. This allows us to focus on research and AI workloads instead of on component risk analysis.”

Ali Syed

Senior Vice President Infrastructure

Once vetted, approved components were passed to the second stage: a 'disconnected,' semi-air-gapped Nexus Repository instance. This secure, centralized repository served as the trusted source for DCAI's external university users and researchers. Furthermore, the platform was integrated directly with internal GitLab CI/CD services, ensuring that components developed internally were also pushed to this secure location for distribution. This seamless integration created a fortified, end-to-end flow of artifacts, from source to end-user, guaranteeing that every component available on the platform was trusted and secure.

Featured Results

Repositories deployed in under 2 months
Components audited in the first month
Unique components onboarded in just 3 months
Containers vetted for safety

Rapid Security and Scale: From Kickoff to Enterprise-Wide Protection

DCAI moved from the initial project kick-off to a fully operational, secure repository infrastructure in less than two months, a timeline that was critical for keeping the broader AI supercomputer project on schedule. Between January and March, the team successfully deployed approximately 150 repositories and onboarded over 5,000 unique components, rapidly building out the cache for the new platform. 

By April, just four months after implementation, Sonatype Repository Firewall had already audited more than 10,000 components, providing DCAI with a level of enterprise-wide security and license visibility that was previously unattainable. The value of this proactive security posture was proven in May when the system began actively quarantining vulnerable components, offering a clear, measurable example of risk reduction in action. The new platform now effortlessly handles thousands of proxy requests per day, ensuring that researchers have fast, reliable, and around-the-clock access to the tools they need. 

10K+ components audited within the first four months

“We achieved our initial goals with incredible speed, moving from zero to a fully functional, secure, and scaled platform in the first quarter of the year. By May, the Sonatype Repository Firewall had actively quarantined vulnerable components, providing a clear, measurable example of risk reduction.”

Ali Syed

Senior Vice President Infrastructure

Accelerating AI Breakthroughs Through Secure Open Source

By establishing a secure and scalable foundation for its national AI supercomputer, DCAI has not only protected its infrastructure but has also empowered its community of researchers to push the boundaries of artificial intelligence. The rapid deployment and immediate return on investment underscore the value of Sonatype's integrated approach to open-source management.

As DCAI continues to support groundbreaking research, its secure software supply chain will remain a critical asset, ensuring the integrity and performance of the national AI platform for years to come. This successful implementation serves as a powerful model for any organization looking to harness the power of open source and AI without compromising on security.

Products Used

Sonatype Nexus Repository

Sonatype Repository Firewall