CIO.com: Helping Developers Reduce Open Source Risk

November 17, 2014 By Derek Weeks



Last week, CIO.com published a story about an inflection point in application security. Lucian Constantin argued that open source risk analysis needs to shift from manual processes to more automated approaches. His article stated, “The notion of using manual audits, manual approvals and traditional governance to deal with that level of [open source component] consumption is just impossible.” Lucian also described how Sonatype’s new release of CLM helps companies automate open source risk analysis, governance, and reporting.

You can read the full article on CIO.com here.


Tags: Cyber Supply Chain Management and Transparency Act, H.R. 5793, Lynn Jenkins (R-KS), government open source software (GOSS), Sonatype Says, bill of materials, open source governance, open source components, open source governance policy, Ed Royce (R-CA), application supply chain management, Application Security, cyber supply chain management, Software supply chain management, AppSec Spotlight

Written by Derek Weeks

Derek serves as vice president and DevOps advocate at Sonatype and is the co-founder of All Day DevOps -- an online community of 65,000 IT professionals.