Equifax Selects Sonatype to Support Open Source Governance and Security


Equifax is deploying Sonatype’s Nexus Platform including the Nexus Repository, Nexus Lifecycle and Nexus Firewall.

Credit reporting company Equifax Inc. has selected Sonatype’s Nexus Platform to intelligently manage and monitor the use of open source libraries across its application portfolio. The selection was made following a competitive review, according to a statement released by Sonatype.

Founded in 2008, Sonatype is the leader in automated open source governance and application security. It helps thousands of organizations build better software, faster by mitigating risks inherent in open source through automated governance.

Sonatype’s Nexus platform combines in-depth component intelligence with real-time remediation guidance to automate and scale open source governance across every stage of the modern DevOps pipeline.

Equifax is deploying Sonatype’s Nexus Platform including the Nexus Repository, which stores and distributes trusted components and build artifacts; Nexus Lifecycle, which continuously identifies and remediates open source risks across the development and production lifecycle; and Nexus Firewall, which prevents vulnerable libraries from entering the development environment in the first place.

Each of these modules is powered by Nexus Intelligence, Sonatype’s unparalleled knowledge base of open source projects.

Open source – the key to digital transformation

“Open source software is at the core of virtually every company’s digital transformation. As a result, it has become critical that enterprises put automated open source governance and security at the center of their innovation programs,” said Sonatype CEO Wayne Jackson.

He added that the Nexus Platform is designed specifically for organizations like Equifax that are taking the bold steps needed to innovate at scale while improving quality and reducing risk.

While it continues to deliver innovative and effective solutions for customers around the globe, Equifax said it is also focused on building security into each software application from the start and enhancing it throughout the development process.

“Sonatype’s Nexus platform will help provide additional visibility, insight and automated governance of our use of open source throughout the development and operations lifecycle,” said Bryson Koehler, Chief Technology Officer for Equifax.

In its official release, Sonatype claims that more than 10 million software developers rely on it to innovate faster while mitigating security risks inherent in open source.




Please enter your comment!
Please enter your name here