mabl announced the addition of mobile application testing to its platform.
Sonatype has acquired Vor Security.
Ken Duck, founder and CEO of Vor will join the product and engineering team at Sonatype to continuously expand and refine the open source component intelligence service that underpins the Nexus platform.
As founder and CEO of Vor, Duck created the OSS Index, an innovative and free online index of known open source software vulnerabilities. Today, the index contains more than 2.1 million packages and detailed information on more than 120,000 vulnerabilities across an array of open source ecosystems.
Sonatype also introduced Nexus Lifecycle XC, a new data service delivered via the Nexus IQ server that will provide organizations with component intelligence covering a wide swath of open source ecosystems and formats including Ruby, PHP, Swift, CocoaPods, Golang, C, and C++.
Compared to the precisely accurate open source intelligence offered by Nexus Lifecycle for Java, JavaScript, NuGet, and PyPI -- traditional vendors of Software Composition Analysis (SCA) tools have long provided commodity open source intelligence across a broad spectrum of ecosystems.
Over time, organizations have come to value the unique accuracy of Nexus Lifecycle data for Java, JavaScript, NuGet, and PyPI; but they still require open source intelligence for a wide variety of other ecosystems. Beginning today, Sonatype is delivering a win-win intelligence engine that combines the depth of Lifecycle data for machine automated open source controls with the breadth of Lifecycle XC data for foundational open source governance.
“Empowering software development teams with broad and precise visibility into the open source supply chain is critical to practicing proper application security hygiene. Sonatype’s world-class team has led the way in bringing remarkably accurate component intelligence to the forefront of the DevOps movement, and I am excited to join forces with their amazing team and continue the journey,” said Ken Duck, CEO of Vor Security.
“Since its introduction in 2012, Nexus Lifecycle has seen tremendous acceptance in the market because it provides remarkably precise and accurate intelligence with respect to open source components across Java, JavaScript, NuGet, and PyPI. While enterprise customers, especially those practicing DevOps, place a premium value on the accuracy and precision of our Nexus Lifecycle data, they also need intelligence for a wide variety of other formats and ecosystems. The combination of Lifecycle and Lifecycle XC gives customers the best of both worlds -- a premium intelligence service that fully automates enforcement of open source policies inside of a DevOps pipeline, plus a stock data intelligence service to inform basic hygiene for all other ecosystems,” said Wayne Jackson, CEO of Sonatype.
Industry News
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
Pegasystems announced the general availability of Pega Infinity ’24.1™.
Sylabs announces the launch of a new certification focusing on the Singularity container platform.
OpenText™ announced Cloud Editions (CE) 24.2, including OpenText DevOps Cloud and OpenText™ DevOps Aviator.
Postman announced its acquisition of Orbit, the community growth platform for developer companies.
Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.