Author: Jane Edwards | Date Published: December 22, 2022
Maury Cupitt, regional vice president of sales engineering at Sonatype, said government agencies should understand the importance of visibility and automation in the detection and mitigation of risks associated with open source software components.
Cupitt wrote that agencies should adopt a platform that could enable them to ensure the security of their software supply chains through visibility and automation.
He cited Sonatype’s Nexus Repository Manager and discussed how it could help agencies assess open source components, identify malicious components, detect vulnerabilities and address issues by running analyses and having visibility into the software bill of materials.
“In addition, our Nexus Repository Manager can be air-gapped for agencies that want their developers to go through a central repository that is not connected to the internet,” Cupitt said.
He also mentioned Lifecycle and how the platform could help organizations evaluate open source components at every phase of the software development cycle.
Cupitt noted that Sonatype believes open source is the key to innovation in the government and shows its commitment to the open source community by maintaining the Maven Central Repository.