Hello, Guest!
  • Friday, April 19, 2024
Maury Cupitt / HMG Strategy

Sonatype’s Maury Cupitt: Visibility, Automation Could Help Agencies Reduce Risks of Open Source Components

Maury Cupitt, regional vice president of sales engineering at Sonatype, said government agencies should understand the importance of visibility and automation in the detection and mitigation of risks associated with open source software components.

Cupitt wrote that agencies should adopt a platform that could enable them to ensure the security of their software supply chains through visibility and automation.

He cited Sonatype’s Nexus Repository Manager and discussed how it could help agencies assess open source components, identify malicious components, detect vulnerabilities and address issues by running analyses and having visibility into the software bill of materials.

“In addition, our Nexus Repository Manager can be air-gapped for agencies that want their developers to go through a central repository that is not connected to the internet,” Cupitt said.

He also mentioned Lifecycle and how the platform could help organizations evaluate open source components at every phase of the software development cycle.

Cupitt noted that Sonatype believes open source is the key to innovation in the government and shows its commitment to the open source community by maintaining the Maven Central Repository.

Video of the Day

Related Articles

BlueVoyant Names Sebastian Sobolev as Product VP Executive Moves

BlueVoyant Names Sebastian Sobolev as Product VP

Sebastian Sobolev, a cybersecurity and data analytics professional, has been appointed vice president of product at New York-based cloud-native cyber defense platforms provider BlueVoyant. He announced his new position in a LinkedIn post published Thursday. Prior to his current position, Sobolev was chief technology officer at BlueVoyant’s government solutions business and was responsible for technology

Iridium Reports Q1 2024 Results, Completes 1st Ever Acquisition; Matt Desch Quoted Financial Reports

Iridium Reports Q1 2024 Results, Completes 1st Ever Acquisition; Matt Desch Quoted

Iridium Communications (Nasdaq: IRDM) presented its Q1 2024 financial results, in which total revenue reacched $203.9 million, although slightly lower by 0.7 percent from a year ago. Notably, the voice and data satellite communications provider’s net income increased 101.1 percent year-over-year to $19.65 million, while the subscriber base grew 7 percent compared to Q1 2023, Iridium said

L3Harris Books $187M USSF Space Surveillance System Maintenance Contract Contract Awards

L3Harris Books $187M USSF Space Surveillance System Maintenance Contract

L3Harris Technologies (NYSE: LHX) has secured a potential $187 million contract to continue helping the U.S. Space Force maintain and upgrade its space surveillance systems and command centers dedicated to providing space domain awareness for military and civilian users. The award exercises the option year five of the potential 10-year, $1.2 billion Maintenance Of Space