Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
Sonatype announced that Sonatype SBOM Manager, its Enterprise-Class Software Bill of Materials (SBOM) solution, and its artifact repository manager, Nexus Repository, are now available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
AWS customers will now have access to the full Sonatype platform, including Sonatype Firewall Repository’s open source malware protection and Sonatype Lifecycle’s software composition analysis solution, directly within AWS Marketplace. Sonatype’s availability provides AWS customers with the ability to streamline the purchase and management of the full Sonatype platform within their AWS Marketplace account.
AWS customers can now manage open source components and risk throughout the software development life cycle (SDLC) at the enterprise level. This helps eliminate uncertainty in SBOM collection, monitoring, and compliance, automatically blocks malicious code and open source malware, streamlines policy enforcement, enhances incident response times, and accelerates code delivery. Enterprises partnering with Sonatype benefit from 26x faster identification and remediation of open source software (OSS) components, a 70% reduction in exploitability windows from adversary attacks, and a 99% decrease in developer time spent on researching, securing approval, and downloading quality OSS components.
"In today's world, where enterprise software is constituted of more than 85% open source, and secure development regulations are increasing, organizations need a trusted partner like Sonatype to empower their developers to innovate, securely at lightning speed," said Mitchell Johnson, Chief Product Development Officer at Sonatype. "With Sonatype’s full platform and suite of solutions available in AWS Marketplace, we're making it easier than ever for businesses to harness the power of open source and fortify their software supply chains against risk, all powered by Sonatype’s unrivaled open source data and security research.”
With Sonatype available in AWS Marketplace, you can expect:
- Rapid, Reliable SBOM Compliance at Scale: Sonatype SBOM Manager brings Sonatype’s best-in-class component scanning and comprehensive open source (OSS) data intelligence together with market-leading SBOM management support. It streamlines and automates the requesting, auditing, distributing, and monitoring of an organization’s first and third-party SBOMs. And, by creating a centralized repository for SBOMs, organizations can easily keep up with emerging software security regulations.
- World’s Leading Artifact Repository: Built by the founders and stewards of Maven Central, Sonatype Nexus Repository empowers software development teams to efficiently scale and manage components, binaries, and build artifacts across their entire software supply chain. It enables teams to build quickly and reliably and publish and cache components in a central repository that connects natively to all popular package managers.
- The Only Open Source Malware Detection Solution: Sonatype's artificial intelligence (AI)-powered Repository Firewall detects more than 2,100 intentionally malicious components every month, and blocks them, preventing malware from entering the software supply chain and infecting upstream systems.
- Expanded Software Composition Analysis (SCA): Sonatype's deep understanding of open source components and their vulnerabilities enables precise identification and mitigation of risks throughout the software development lifecycle.
- Unrivaled Dependency Management: Sonatype empowers organizations to understand and control the complex relationships between software dependencies, ensuring a secure and reliable foundation for applications.
Industry News
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.
Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.
Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.
Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.
Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.
Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.
CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.
Azul and JetBrains announced a strategic technical collaboration to enhance the runtime performance and scalability of web and server-side Kotlin applications.
Docker, Inc.® announced Docker Hardened Images (DHI), a curated catalog of security-hardened, enterprise-grade container images designed to meet today’s toughest software supply chain challenges.
GitHub announced that GitHub Copilot now includes an asynchronous coding agent, embedded directly in GitHub and accessible from VS Code—creating a powerful Agentic DevOps loop across coding environments.