The Software Composition Analysis (SCA) Platform Is Now Available to Help AWS Customers Automate Software Supply Chain Security
June 8, 2023 — Fulton, Md. — Sonatype today announced availability in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS) – further expanding its relationship with AWS.
Customers can now manage open source risk across the full software development life cycle (SDLC) at the enterprise level by leveraging the Sonatype Application Security Platform – including Sonatype Lifecycle and Sonatype Repository Firewall – allowing them to block malicious code, automate policy enforcement, improve incident response times, and deliver quality code faster. Enterprises that work with Sonatype experience a 30% reduction in probability of a breach and a 90% reduction in developer time spent researching, securing approval of and downloading quality open source software (OSS) components.
“As the use of open source software increases, organizations need tools and data like Sonatype that keep developers innovating and driving value creation while also managing open source risk,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “Sonatype availability in AWS Marketplace streamlines the procurement process making it even easier for organizations already leveraging the power of AWS to use Sonatype as part of their software supply chain security strategy.”
Backed by industry-leading, in-depth intelligence, the Sonatype Platform helps solve the problem of how to balance speed, quality, and security at scale, providing developers, engineering teams, and their organizations with the tools they need to develop software fearlessly. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 115,000 malicious components from attacking software development pipelines.
“Software supply chain attacks have increased 742% per year over the last three years, making it imperative that organizations have access to reliable, scalable security solutions,” said Alex Berry, President at Sonatype. “The Sonatype Platform already seamlessly integrates with existing tools and DevOps pipelines. With the support of AWS Marketplace, Sonatype customers now have another easy option to get started and strengthen their software supply chains.”
For more information, please visit the Sonatype AWS Marketplace listing here or visit www.sonatype.com/become-a-partner.
About Sonatype
Sonatype is the software supply chain management company. Recognized by globally renowned analysts as a leader in the industry, Sonatype enables organizations to innovate faster in a highly competitive market. We allow engineers to develop software fearlessly and focus on building products that power businesses. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 115,000 malicious components from entering developers’ code. Enabling high-quality, secure software helps organizations meet their business needs and those of their customers and partners. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on our tools and guidance to be ambitious, move fast and do it securely. To learn more about Sonatype, please visit www.sonatype.com.