- They will work to help enterprise customers innovate faster and easily mitigate security risk inherent in open source
- They said that by teaming up with Sonatype, Cigniti is able to offer its clients the powerful Nexus Platform, in turn, enabling them to automatically enforce open source governance
Cigniti Technologies has announced a partnership with Sonatype, the company that scales DevOps through open source governance and software supply chain automation. They will work to help enterprise customers innovate faster and easily mitigate security risk inherent in open source.
They said that by teaming up with Sonatype, Cigniti is able to offer its clients the powerful Nexus Platform, in turn, enabling them to automatically enforce open source governance and control risk across every phase of the software development lifecycle (SDLC). ). Fueled by Nexus Intelligence, which includes in-depth security, license, and quality information on more than 100M open source components across dozens of ecosystems, the Nexus Platform precisely identifies open source risk and provides expert remediation guidance. It also helps to innovate faster. They claimed that only Nexus secures the perimeter and every phase of one’s SDLC, including production, by continuously monitoring for new risk based on open source policies
Precise intelligence around open source vulnerabilities
Pradeep Govindasamy, CTO & President at Cigniti Technologies said, “As experts in continuous delivery, Cigniti has worked hard to help its customers implement a mature DevSec pipeline. As such, many of our global customers have inquired about software composition analysis to help protect their toolchains. Partnering with Sonatype, who has the in-depth, precise intelligence around open source vulnerabilities, allows us to offer an ever-deeper sense of security to our customers. There is a clear synergy between Sonatype and Cigniti to create a successful partnership.”
They said that the Sonatype Nexus Platform helps 99 per cent reduction in time spent reviewing and approving OSS components and 26x faster identification and remediation of OSS vulnerabilities. It also said that it gives customers 70 per cent smaller windows of exploitability from adversary attacks on OSS components and 20x faster searches and downloads of OSS components by developers.
Wai Man Yau, General Manager International, Sonatype said, “Sonatype has been working with global enterprise customers for over a decade to identify and mitigate millions of security vulnerabilities and protect their software supply .Through our partnership with Cigniti, we’ll be able to further enhance DevSecOps in new regions, providing customers with the continued automated security features they need to build secure software.”