Around one in five business leaders indicated that their software budget had increased 50 percent or more over the past three years to support digital transformation projects. However, the increased software development investment has not translated to greater security budgets or awareness of the security risks insecure software introduces: only 50 percent of business leaders surveyed understand the risk that vulnerable software poses to their business, according to Securing the Digital Economy, a report from Veracode ...
Sonatype announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter.
Python development teams using Nexus Firewall will be able to ensure the packages they use meet the highest quality and security standards by:
- Defining and enforcing rules for PyPI component usage
- Analyzing and selectively admitting PyPI components
- Keeping production apps safe from risky components
“In January 2017 alone, 662 million PyPI packages were downloaded from Python.PyPI.org,” said Wayne Jackson, CEO of Sonatype. “Now organizations developing in the Python language can shield themselves from vulnerable components entering their software supply chain at the earliest stage in the development lifecycle by adopting a security-first solution.”