SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Sonatype & OpenText unite for enhanced app security

Fri, 22nd Nov 2024

Sonatype and OpenText have announced a collaboration to deliver an integrated platform for application security.

The new solution will integrate Software Composition Analysis (SCA) with Static and Dynamic Application Security Testing (SAST/DAST), offering comprehensive protection for both open-source and custom code. It aims to simplify DevSecOps through automated security checks that fit into Continuous Integration/Continuous Deployment (CI/CD) pipelines, enhancing efficiencies and easing vulnerability management.

The partnership was highlighted in Sonatype's 2024 State of the Software Supply Chain Report, which found that some critical vulnerabilities in software took over 500 days to address. The combined effort of Sonatype's open source governance and Fortify's application security testing from OpenText provides a framework for detecting, preventing, and fixing vulnerabilities more effectively.

The new solution promises robust, end-to-end security across the software supply chain. It aims to empower organisations by integrating into the CI/CD process without hampering development speed, enabling developers to prioritise security alongside software delivery.

Tyler Warden, Vice President of Product at Sonatype, commented, "At Sonatype, we're dedicated to empowering organisations to take ownership over their software supply chain security without sacrificing speed and agility. Partnering with like-minded organisations like OpenText is critical to furthering this mission. In uniting our innovative SCA solutions with Fortify's proprietary code security tools to create this single pane of glass platform, we make it easier for developers and security teams to eliminate technical debt, maintain visibility, and quickly respond to security risks."

Dylan Thomas, Senior Director of Engineering and Product for Application Security at OpenText, added, "The best partnerships lean into each organisation's unique strengths in support of a common goal. Sonatype and OpenText offer best-in-class code security solutions that, when combined, streamline security across the entire software development lifecycle. I am excited for our continued joint evolution and innovation to enable safe, secure, and fast software development."

This development comes as an increasing number of global organisations turn to the integrated Sonatype and Fortify by OpenText solution for secure and rapid software development. These tools aim to simplify the management of regulatory compliance and risk, through early detection and unified reporting of security issues.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X