Sonatype Delivers First-of-Its-Kind Automated Malware Prevention For Open Source Libraries
EIN News – Nasdaq Globe Newswire
/EIN News/ — FULTON, MD, Sept. 24, 2019 (GLOBE NEWSWIRE) — Today, Sonatype, the inventors of software supply chain automation, announced it has developed new early warning capabilities to detect malicious releases of open source components, known as “counterfeit components,” and block their use within modern software factories. The patent-pending technology, part of the next generation of Sonatype’s Nexus Intelligence, monitors millions of open source projects in real-time to identify abnormal development behavior and suspicious patterns as new component versions are released.

In addition to identifying malicious activity based on commit behavior, Sonatype’s expanded Nexus Intelligence capabilities also collect real-time metadata pertaining to the quality of new component version releases. This provides another layer of insight into the integrity of every new version of a component and will enable developers to automate and scale dependency management with greater peace of mind.

New versions of components are released at an overwhelming pace, approximately 20,000 per day, making it impossible for most teams to manually manage dependencies. Sonatype’s next generation Nexus Intelligence will automate this otherwise painful process and help developers update to the best and newest versions of component releases. The first iteration of Sonatype’s new Nexus Intelligence capabilities focuses on understanding the commit behaviors and patterns of npm components and creators, with the goal of expanding to additional languages over time.
Link: https://software.einnews.com/pr_news/497291400/sonatype-delivers-first-of-its-kind-automated-malware-prevention-for-open-source-libraries?n=2&code=1hzWYhpPFpH-t3yN&utm_source=NewsletterNews&utm_medium