Nexus Firewall to Help Tens of Thousands of Enterprises Automatically Eliminate Use of Defective Open Source From the Start
Fulton, MD – December 15, 2015 – Sonatype, the leader in software supply chain automation, today released Nexus Firewall (patent pending). Nexus Firewall provides perimeter quality control for software development. Similar to a network firewall, it leverages a set of organizationally defined rules that use automation to shield an organization from obsolete or dangerous open source and other third party components from entering or exiting application development.
“Of the billions of components downloaded each year from public repositories, 1 in 16 has a known vulnerability or risky license,” said Wayne Jackson, CEO, Sonatype. “Now organizations can shield themselves from dangerous or outdated components entering their software supply chain with automated policy enforcement integrated at the earliest stage of software development, the repository manager.”
Today there are tens of thousands of installations of Nexus Repository. These organizations can realize significant benefits from Nexus Firewall including:
- Reduce risk and waste by automating open source governance policies at the earliest point in software development - the repository manager
- Prevent vulnerable and undesirable components from entering your software supply chain, by blocking and quarantining any components that don’t meet policy requirements
- Help developers quickly choose the best components with instant analysis of quality and integrity of a selected component including Java, npm and NuGet
- Create visibility through the auditing of all components in the repository manager, including license obligations, known security vulnerability, industry adoption rates, and quarantine status
- Prevent applications with known vulnerable and undesirable components from being released into production.
Added Jackson, “Toyota transformed manufacturing with their supply chain innovations. Sonatype is bringing Toyota principles to DevOps, using automation to revolutionize the consumption, integration and distribution of components used in high velocity software development and delivery environments.”
For more information on Nexus Firewall including a quantitative analysis we performed of the ecosystem, please review this article. To see Nexus Firewall in action, please register for this live discussion and demo on November 19th.
For more information on Nexus Firewall, please see:
- Sonatype website: http://www.sonatype.com/nexus/solution-overview/nexus-firewall
- Article with quantitative analysis of the ecosystem: http://blog.sonatype.com/2015/11/nexus-firewall-quality-at-velocity
- Recorded discussion and demo: https://www.youtube.com/watch?v=Q3jRGbaZT3c
Every day, developers rely on millions of third party and open source building blocks — known as components -- to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don't have to make the tradeoff between going fast and being secure. Policy automation, ongoing monitoring and proactive alerts makes it easy to have full visibility and control of components throughout the software supply chain so that applications start secure and remain that way over time. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Bay Partners, Hummer Winblad Venture Partners and Morgenthaler Ventures. Visit: www.sonatype.com