We’re very excited to welcome Sonatype as a MassTLC Security Community sponsor. To help our community get to know them better, we asked them to answer a few questions:
Who is Sonatype?
Sonatype is a technology company that empowers organizations to build better software. More specifically, we help organizations leverage their reliance on open source software (OSS) to the highest level with the application of data intelligence and dependency management tools, the Nexus Platform. In turn, this automated management of dependencies leads to improved security and increased productivity. While we are not headquartered in MA, we have a strong presence in the New England area, including our Co-Founder and CTO, Brian Fox, who resides in New Hampshire.
Why are you excited to be part of the MassTLC Security community?
Massachusetts is a tech hub, and as a technology company, we are excited to be a part of the ecosystem. We are thrilled to engage with local security leaders and to learn from their experiences and challenges with open source software at their respective organizations.
What are you hoping you can contribute to and receive from the MassTLC Security community?
Sonatype offers over 10 years of knowledge in helping organizations successfully build better software through the use of automation. We empower software developers by shifting security left, at the beginning of a build, to ensure vulnerabilities are not sent downstream. In addition, we hope to discuss the importance of dependency management with the community, which allows developers to better manage their components and fix security vulnerabilities. With these types of tools, both the development and security teams benefit with increased productivity and reduced risk.
In addition to our tools, Sonatype produces thought leadership to share with our industry, including our annual State of the Software Supply Chain Report. You can read our 2020 report, just released, here.