Red Hat Sonatype Partner logos

Red Hat OpenShift + Sonatype Lifecycle

Pair your containers with transparency that meets National Cyber Security EO 14028 and prevents vulnerabilities and malicious attacks.

Generate an SBOM

Partnership Benefits

Software Bill of Materials (SBOM)

Use Sonatype Lifecycle to generate an SBOM for improved transparency and vulnerability remediation across your SDLC.
Simple Automation

Sonatype Lifecycle with Ansible playbooks allows your organization to operate and manage at scale.
Container and Application Security

Integrated through Tekton tasks or OpenShift pipelines natively.
Run Anywhere

Sonatype Lifecycle can run anywhere where OpenShift is deployed. Self-hosted, in the cloud or private network.

Protect software running in Red Hat Openshift containers with Sonatype

Sonatype Lifecycle and OpenShift together provide integrated container & application security

Sonatype empowers developers and security professionals with intelligent tools to innovate more securely at scale. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers and security professionals. Sonatype has partnered up with RedHat and have created a solution that extends the OpenShift Platform, allowing developers to generate an SBOM.

This joint partnership will make it easy for you and your team to effectively and quickly adopt the software supply chain mandates around Executive Order 14028 for software bill of materials.

“Customers are looking to migrate their applications to the cloud leveraging containers as the deployment model. Red Hat container certification assures a supportable and performant platform for all types of customer deployment models. Red Hat is thrilled to work with software partners like Sonatype, resulting in the world’s largest commercial ecosystem for containers.”

Mike Werner

Sr. Director, Global Technology Partner Ecosystems Red Hat

Generate an SBOM

Provide transparency and insight, allowing for improved vulnerability management and remediation and, subsequently, application security.

Trusted by the industry

Sonatype is used by hundreds of organizations across many highly regulated industries, with varying compliance standards to support the mission of safe and secure application development..

Easy to deploy and manage

Once applications have been inventoried by Lifecycle via OpenShift Pipelines and new vulnerabilities are discovered, the system alerts stakeholders about which applications are affected, whether the applications are in development, production or post-production.

Run products anywhere

Flexible deployment options let you run anywhere—without the operational hurdles. Deploy easily with world class support from our Technical Support team at no additional cost.

Cloud

Get started right away. Streamline your infrastructure and rapidly scale with cloud solutions hosted on AWS and managed by Sonatype.

Available for

Learn More

Self Hosted

Unlock maximum flexibility. Choose to host on your own servers or in a cloud environment of choice.

Available for

Learn More

Air-Gapped

Adhere to the strictest security standards for government and affiliated organizations. Sonatype offers the only software supply chain solution for air-gapped environments.

Available for

Learn More

Red Hat OpenShift + Sonatype Lifecycle

Partnership Benefits

Protect software running in Red Hat Openshift containers with Sonatype

Sonatype Lifecycle and OpenShift together provide integrated container & application security

Vulnerability remediation made transparent

Generate an SBOM

Trusted by the industry

Easy to deploy and manage

Perform quality analysis, create run pipelines, and generate SBOMs in OpenShift.

Run products anywhere

Cloud

Self Hosted

Air-Gapped

Get software supply chain transparency

Subscribe for all the latest software security news and events