Want to Understand Software Supply Chains? Ask Red Hat

September 01, 2017 By Matt Howard

2 minute read time

At Sonatype we've spent a lot of time over the past few years researching and writing about software supply chains.  I mean A LOT.

Red Hat is another company that spends a huge amount of time studying and communicating about the same topic.  And, as you can see here, they definitely know what they're talking about.

Of course, it's not a surprise that Red Hat would deeply grok the principles of software supply chain management -- after all, they have long practiced remarkable supply chain hygiene (upstream and downstream) in support of their core franchise RHEL.

Furthermore, as shown below, it should not come as a surprise that Red Hat would have an "Ops-centric" view of the software supply chain process -- beginning with Ops and leading to Dev.

Architecting_Containers_Part_5__Building_a_Secure_and_Manageable_Container_Software_Supply_Chain_–_Red_Hat_Enterprise_Linux_Blog.png

Notwithstanding subtle differences of perspective — Red Hat gets it.

Their early embrace of Kubernetes is proof.  Their investment in Open Shift is proof.  But most of all, the proof is in the fact that they're partnering with technologies like Nexus Lifecycle to help customers continuously automate open source governance and application security controls across every phase of the modern software supply chain.

Tags: Red Hat, Sonatype, Devops, Software Supply Chains, Open Shift

Written by Matt Howard

Matt is a proven executive and entrepreneur with over 20 years experience developing high-growth software companies, at Sonatype, he leads corporate marketing, strategic partnering, and demand generation initiatives.