JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Sonatype Releases New Version of Free Repository Health Check
May 24, 2017
Sonatype released the next generation of its free Repository Health Check (RHC) feature within its flagship Nexus Repository product.
As of today, all 120,000 organizations using Nexus will benefit immediately from the ability to automatically analyze the quality and security of open source software components housed within their Nexus Repository as part of their DevOps pipeline.
While open source and third-party software components bring greater efficiency to application development, they are not without their weaknesses. According to the 2017 DevSecOps Community Survey, 1-in-5 organizations confirmed or suspected a breach related to known vulnerabilities in open source components used in their applications -- up 50% over the past three years.
With the introduction of the next-generation RHC, Nexus Repository users can now automatically identify open source security risks at the earliest stages of their DevOps pipeline.
Specifically, the RHC feature empowers software development teams with three important capabilities:
- Provides actionable guidance on which components housed in the repository manager should be upgraded or replaced.
- Prioritizes the list of vulnerable components by severity and impact, detailing how many times each component was downloaded from the repository manager by developers in the past 30 days.
- Reveals month-over-month metrics on the hygiene of the organization’s software supply chain to identify improving standards or worrisome trends.
“To maximize velocity and quality, DevOps-native teams must address security issues at the beginning -- not the end -- of the development lifecycle,” said Wayne Jackson, CEO of Sonatype. “Sonatype was first to market with the Repository Health Check capability in 2012 and today it evaluates more than 50 million components across 25,000 repositories every day. With our next-generation features, Nexus Repository customers can feel confident their development practices are building in security from the start.”
The next-generation RHC feature is available now as part of the Nexus Repository 3.3 release.
Industry News
April 25, 2024
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
April 25, 2024
SmartBear has added no-code test automation powered by GenAI to its Zephyr Scale, the solution that delivers scalable, performant test management inside Jira.
April 24, 2024
Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
April 23, 2024
mabl announced the addition of mobile application testing to its platform.
April 23, 2024
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
April 22, 2024
GitLab announced the general availability of GitLab Duo Chat.
April 18, 2024
SmartBear announced a new version of its API design and documentation tool, SwaggerHub, integrating Stoplight’s API open source tools.
April 18, 2024
Red Hat announced updates to Red Hat Trusted Software Supply Chain.
April 18, 2024
Tricentis announced the latest update to the company’s AI offerings with the launch of Tricentis Copilot, a suite of solutions leveraging generative AI to enhance productivity throughout the entire testing lifecycle.
April 17, 2024
CIQ launched fully supported, upstream stable kernels for Rocky Linux via the CIQ Enterprise Linux Platform, providing enhanced performance, hardware compatibility and security.
April 17, 2024
Redgate launched an enterprise version of its database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations.
April 17, 2024
Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.
April 16, 2024
Kong announced the commercial availability of Kong Konnect Dedicated Cloud Gateways on Amazon Web Services (AWS).
April 16, 2024
Pegasystems announced the general availability of Pega Infinity ’24.1™.
