Sonatype Repository Firewall Has Prevented More Than $1.5B in Losses from Malicious Attacks
Now Available as a SaaS-First Solution for Rapid Protection at Scale
Infosecurity Europe - London, June 20, 2023 (GLOBE NEWSWIRE) -- Sonatype, the pioneer of software supply chain management, has announced that Sonatype Repository Firewall has stopped more than $1.5 billion in potential losses from malicious open source attacks. Now a SaaS-first solution, it is enabling even more organizations to speed their pace of innovation while keeping their open source software (OSS) repositories and profitability secure.
As the rate of malicious attacks continues to increase, so too does the cost of attacks – according to IBM, the average cost of a destructive attack stands at $5.12 million. Sonatype Repository Firewall is the only SaaS solution that combats malicious open source attacks, detects and blocks vulnerabilities, and ensures security of open source code repositories with the help of AI behavioral analytics and automated policy enforcement. Backed by Sonatype’s industry-leading research team, Sonatype Repository Firewall scans and evaluates components for vulnerabilities and malicious open source code before they ever enter into an organization’s development life cycle. To date, Sonatype has analyzed more than 120 million open source components – 40x more than its competitors – and Sonatype Repository Firewall has discovered nearly 145,000 malicious components and stopped them from attacking software development pipelines, preventing over $1.5 billion in potential losses for its customers.
“An elegantly simple solution to a complex problem, the Sonatype Repository Firewall empowers technology teams to move fast with the confidence that they are protected from malware masquerading as valid open source software,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “With cyberattacks increasing in frequency and sophistication–and software development regulations becoming increasingly standardized–organizations are looking for fast ways to protect themselves. Sonatype Repository Firewall is a first line of defense that is easy to set up, maintain, and integrate into workflows. Simply put, if you have a repository manager, you need a Repository Firewall.”
Sonatype Repository Firewall offers customizable and automated policy enforcement controls, ensuring safe and optimal component delivery. It seamlessly integrates with existing workflows, guiding contextual remediation and replacement. Known secure components flow directly into the developer's pipeline, while malicious components are quarantined. Suspicious packages receive greater scrutiny from Sonatype's research team before release to guarantee safety.
Sonatype Repository Firewall delivers best-in-class malware and malicious code attack protection for your development teams through:
- Advanced Protection: Stop attacks at the repository level with automatic quarantining of malicious and suspicious packages.
- Continuous Threat Prevention: Protect your SDLC from evolving malicious open source threats, including vulnerabilities, malware, next-generation supply chain attacks, brandjacking, typosquatting, dependency confusion attacks and more.
- Fast Remediation: Contextual remediation information identifies why components were blocked and offers alternatives so developers can fix issues quickly.
- Customizable Policy Rules: Automatically control what OSS components are allowed into your SDLC, what to quarantine, and what is released from quarantine.
- Flexible Deployment Options: Cloud, self-hosted, and air-gapped deployment options let you run Sonatype Repository Firewall anywhere.
With the assurance that their code is secure, developers can focus on innovation rather than dependency management. This enables organizations to deliver safe and innovative software rapidly and effectively.
“We continually hear from customers that they wish they had implemented Repository Firewall sooner,” said Alex Berry, President at Sonatype. “We’re thrilled to deliver a solution that makes software supply chain management at the enterprise level easier than ever before.”
Sonatype Repository Firewall is part of the Sonatype platform, which also includes Sonatype Nexus Repository and Sonatype Lifecycle. Sonatype is also the official maintainer of the Maven Central Repository, one of the world’s first, largest and most well-known Java repositories.
ABOUT SONATYPE
Sonatype is the software supply chain management company. We enable organizations to innovate faster in a highly competitive market. Our industry-leading platform empowers engineers to develop software fearlessly and focus on building products that power businesses. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 145,000 malicious components from entering developers’ code. Enabling high-quality, secure software helps organizations meet their business needs and those of their customers and partners. Recognized by independent analysts as a leader, more than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on our tools and guidance to be ambitious, move fast and do it securely.
To view this piece of content from ml.globenewswire.com, please give your consent at the top of this page.
About GlobeNewswire by notified
GlobeNewswire by notifiedGlobeNewswire by notified is one of the world's largest newswire distribution networks, specializing in the delivery of corporate press releases financial disclosures and multimedia content to the media, investment community, individual investors and the general public.
Subscribe to releases from GlobeNewswire by notified
Subscribe to all the latest releases from GlobeNewswire by notified by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from GlobeNewswire by notified
Iveco Group signs a 150 million euro term loan facility with Cassa Depositi e Prestiti to support investments in research, development and innovation11.6.2024 12:00:00 CEST | Press release
Turin, 11th June 2024. Iveco Group N.V. (EXM: IVG), a global automotive leader active in the Commercial & Specialty Vehicles, Powertrain and related Financial Services arenas, has successfully signed a term loan facility of 150 million euros with Cassa Depositi e Prestiti (CDP), for the creation of new projects in Italy dedicated to research, development and innovation. In detail, through the resources made available by CDP, Iveco Group will develop innovative technologies and architectures in the field of electric propulsion and further develop solutions for autonomous driving, digitalisation and vehicle connectivity aimed at increasing efficiency, safety, driving comfort and productivity. The financed investments, which will have a 5-year amortising profile, will be made by Iveco Group in Italy by the end of 2025. Iveco Group N.V. (EXM: IVG) is the home of unique people and brands that power your business and mission to advance a more sustainable society. The eight brands are each a
DSV, 1115 - SHARE BUYBACK IN DSV A/S11.6.2024 11:22:17 CEST | Press release
Company Announcement No. 1115 On 24 April 2024, we initiated a share buyback programme, as described in Company Announcement No. 1104. According to the programme, the company will in the period from 24 April 2024 until 23 July 2024 purchase own shares up to a maximum value of DKK 1,000 million, and no more than 1,700,000 shares, corresponding to 0.79% of the share capital at commencement of the programme. The programme has been implemented in accordance with Regulation No. 596/2014 of the European Parliament and Council of 16 April 2014 (“MAR”) (save for the rules on share buyback programmes set out in MAR article 5) and the Commission Delegated Regulation (EU) 2016/1052, also referred to as the Safe Harbour rules. Trading dayNumber of shares bought backAverage transaction priceAmount DKKAccumulated trading for days 1-25478,1001,023.01489,100,86026:3 June 20247,0001,050.597,354,13027:4 June 20245,0001,055.705,278,50028:6 June20243,0001,096.273,288,81029:7 June 20244,0001,106.174,424,68
Landsbankinn hf.: Offering of covered bonds11.6.2024 11:16:36 CEST | Press release
Landsbankinn will offer covered bonds for sale via auction held on Thursday 13 June at 15:00. An inflation-linked series, LBANK CBI 30, will be offered for sale. In connection with the auction, a covered bond exchange offering will take place, where holders of the inflation-linked series LBANK CBI 24 can sell the covered bonds in the series against covered bonds bought in the above-mentioned auction. The clean price of the bonds is predefined at 99,594. Expected settlement date is 20 June 2024. Covered bonds issued by Landsbankinn are rated A+ with stable outlook by S&P Global Ratings. Landsbankinn Capital Markets will manage the auction. For further information, please call +354 410 7330 or email verdbrefamidlun@landsbankinn.is.
Relay42 unlocks customer intelligence with a new insights and reporting module, powered by Amazon QuickSight11.6.2024 11:00:00 CEST | Press release
AMSTERDAM, June 11, 2024 (GLOBE NEWSWIRE) -- Relay42, a leading European Customer Data Platform (CDP), is leveraging Amazon QuickSight to power its new real-time customer intelligence, reporting, and dashboard module. Harnessing the breadth and quality of customer data, the new Insights module empowers marketing teams to dive deep into customer behaviors and gain invaluable insights into the performance of their marketing programs across all online, offline, paid, and owned marketing channels. Preview of the Relay42 Insights module, in pre-beta version Key capabilities of the Relay42 Insights module include: Deep insights into customer behaviors: With the Relay42 Insights module, marketers can ask unlimited questions about their data and gain a deeper understanding of how to serve their customers more effectively. Simplicity with AI-powered querying: Marketers can use artificial intelligence to query their data using natural language search, reducing the reliance on data scientists. Us
Metasphere Labs Announces X Spaces Event on the Topic of Green Bitcoin Mining and Sound Money for Sustainability11.6.2024 10:30:00 CEST | Press release
VANCOUVER, British Columbia, June 11, 2024 (GLOBE NEWSWIRE) -- Metasphere Labs Inc. (formerly Looking Glass Labs Ltd., "Metasphere Labs" or the "Company") (Cboe Canada: LABZ) (OTC: LABZF) (FRA: H1N) is thrilled to announce an engaging Twitter Spaces event on Green Bitcoin mining, energy markets, and sustainability on July 3, 2024 at 2 p.m. ET. Follow us on X at MetasphereLabs for updates and to join the event. What We'll Discuss Bitcoin Mining Basics: Understand the fundamentals of Bitcoin mining.Energy Market Dynamics: Explore how Bitcoin mining interacts with energy markets.Sustainable Innovations: Learn about our efforts to promote sustainability in Bitcoin mining.Sound Money: Discover how tamper-proof currency can enhance stability.Efficient Payment Rails: See how fast, neutral payment systems support humanitarian projects.Carbon Footprint: Compare Bitcoin's environmental impact with traditional banking. "We're excited to host this event and dive into the critical topics of Bitcoin