One overlooked opportunity for improving DEV and OPS collaboration is inviting database administrators (DBAs) to the DevOps conversation. DBAs function in a unique role where bridging the gap between development and operations occurs daily ...
Sonatype has acquired Vor Security.
Ken Duck, founder and CEO of Vor will join the product and engineering team at Sonatype to continuously expand and refine the open source component intelligence service that underpins the Nexus platform.
As founder and CEO of Vor, Duck created the OSS Index, an innovative and free online index of known open source software vulnerabilities. Today, the index contains more than 2.1 million packages and detailed information on more than 120,000 vulnerabilities across an array of open source ecosystems.
Sonatype also introduced Nexus Lifecycle XC, a new data service delivered via the Nexus IQ server that will provide organizations with component intelligence covering a wide swath of open source ecosystems and formats including Ruby, PHP, Swift, CocoaPods, Golang, C, and C++.
“Empowering software development teams with broad and precise visibility into the open source supply chain is critical to practicing proper application security hygiene. Sonatype’s world-class team has led the way in bringing remarkably accurate component intelligence to the forefront of the DevOps movement, and I am excited to join forces with their amazing team and continue the journey,” said Ken Duck, CEO of Vor Security.