Now Available as a SaaS-First Solution for Rapid Protection at Scale
Infosecurity Europe - London, June 20, 2023 (GLOBE NEWSWIRE) -- Sonatype, the pioneer of software supply chain management, has announced that Sonatype Repository Firewall has stopped more than $1.5 billion in potential losses from malicious open source attacks. Now a SaaS-first solution, it is enabling even more organizations to speed their pace of innovation while keeping their open source software (OSS) repositories and profitability secure.
As the rate of malicious attacks continues to increase, so too does the cost of attacks – according to IBM, the average cost of a destructive attack stands at $5.12 million. Sonatype Repository Firewall is the only SaaS solution that combats malicious open source attacks, detects and blocks vulnerabilities, and ensures the security of open source code repositories with the help of AI behavioral analytics and automated policy enforcement. Backed by Sonatype’s industry-leading research team, Sonatype Repository Firewall scans and evaluates components for vulnerabilities and malicious open source code before they ever enter an organization’s development life cycle. To date, Sonatype has analyzed more than 120 million open source components – 40x more than its competitors – and Sonatype Repository Firewall has discovered nearly 145,000 malicious components and stopped them from attacking software development pipelines, preventing over $1.5 billion in potential losses for its customers.
“An elegantly simple solution to a complex problem, the Sonatype Repository Firewall empowers technology teams to move fast with the confidence that they are protected from malware masquerading as valid open source software,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “With cyberattacks increasing in frequency and sophistication–and software development regulations becoming increasingly standardized–organizations are looking for fast ways to protect themselves. Sonatype Repository Firewall is a first line of defense that is easy to set up, maintain, and integrate into workflows. Simply put, if you have a repository manager, you need a Repository Firewall.”
Sonatype Repository Firewall offers customizable and automated policy enforcement controls, ensuring safe and optimal component delivery. It seamlessly integrates with existing workflows, guiding contextual remediation and replacement. Known secure components flow directly into the developer's pipeline, while malicious components are quarantined. Suspicious packages receive greater scrutiny from Sonatype's research team before release to guarantee safety.
Sonatype Repository Firewall delivers best-in-class malware and malicious code attack protection for your development teams through: