Sonatype Introduces Next Generation Dependency Management | Press Release

Sonatype and SVA join forces to help companies develop better, more secure software

January 19, 2021 By Stephen Bryans

It’s no secret that we understand the power of community and partnership at Sonatype. It’s why we’re in business - open source components, or reusable, community developed software parts, allow companies to save time and money, improve quality, deliver business agility, and mitigate (some) business risk. Plain and simple you’re often better together. 

It’s many of these same reasons that we’re thrilled to announce a partnership with System Vertrieb Alexander GmbH (SVA, one of Germany’s leading system integrators. We at Sonatype, know we’re better “by standing on the shoulders of giants,” and SVA is one of those giants we’re excited to get to work with to extend the Nexus Platform. Through this new partnership, we’re expanding our global reach and helping even more organizations build vital open source security and software composition analysis programs, ultimately protecting their software supply chains from known open source vulnerabilities from the beginning through production. 

“With 23 offices operating in Germany, SVA System Vertrieb Alexander GmbH achieves optimal solutions for our customers by only combining high-quality IT products and over 20 years of IT best practice and experience,” says Stefan Gärtner, Head of Competence Center CI/CD at SVA. "The goal of being able to deliver quickly in the future leads our customers to continuously increasing automation. Both security and application lifecycle management must meet this demand. Sonatype's products paired with SVA's know-how support our customers in accelerating and streamlining the delivery of high-quality software products.  Key features of Sonatype include a comprehensive database for vulnerability analysis, open source licence commitments and provides continuous updates on licence changes or additions to meet governance guidelines."

We know that open source software components are so prominent that 90% of the code in most modern applications is assembled from them. Understanding what’s in your application is critical to keeping it secure, which is why we created the Nexus Platform to begin with. It automatically enforces open source governance and controls risk across every phase of the software development lifecycle (SDLC). Fueled by Nexus Intelligence, which includes in-depth security, license, and quality information on components across dozens of ecosystems, the Sonatype Nexus Platform precisely identifies open source risk and provides expert remediation guidance, empowering developers to innovate faster. We secure the perimeter and every phase of your SDLC, including production, by continuously monitoring for new risk based on your open source policies.

As our International General Manager Wai Man Yau noted "Sonatype has information on more than 100M open source components, enabling us to protect global enterprises and identify and mitigate vulnerabilities, better than anyone else. Through our partnership with SVA System Vertrieb Alexander GmbH, we'll be able to bring this intelligence to even more organizations and further enhance DevSecOps and open source governance to the German market, providing customers with the continued automated security features they need to build secure software."

Join Us at the Sonatype and SVA Virtual Kickoff Event, 22 February 2021


We’d love to invite you - and your entire team, to attend the joint Sonatype and SVA virtual kick-off event on 22 February 2021. Interested parties can register directly for the Virtual MeetUp Summit - Security Aspects in Agile Software Development via this link.

I hope to see you on the 22nd of February, if not sooner 

Tags: News and Views, partners

Written by Stephen Bryans

Stephen serves as Sonatype's EMEAR Partner Business Manager, helping extend the reach of the Nexus Platform across the globe, through key partners.