Author: Jane Edwards | Date Published: December 22, 2022
Maury Cupitt, regional vice president of sales engineering at Sonatype, said government agencies should understand the importance of visibility and automation in the detection and mitigation of risks associated with open source software components.
Cupitt wrote that agencies should adopt a platform that could enable them to ensure the security of their software supply chains through visibility and automation.
He cited Sonatype’s Nexus Repository Manager and discussed how it could help agencies assess open source components, identify malicious components, detect vulnerabilities and address issues by running analyses and having visibility into the software bill of materials.
“In addition, our Nexus Repository Manager can be air-gapped for agencies that want their developers to go through a central repository that is not connected to the internet,” Cupitt said.
He also mentioned Lifecycle and how the platform could help organizations evaluate open source components at every phase of the software development cycle.
Cupitt noted that Sonatype believes open source is the key to innovation in the government and shows its commitment to the open source community by maintaining the Maven Central Repository.