[ Software ] How does your company help make applications more secure?

[Lexman.]

 

Brian Fox, CTO of Sonatype: 
Today, more than 1,200 companies rely on the Nexus platform to unite software developers, security professionals, and IT operations on the same team so they can continuously identify and remediate open-source risk, without slowing down innovation. When speed is critical, Nexus ensures that controls keep pace and that innovation prospers.
 

Our award-winning platform is powered by Nexus Intelligence, a proprietary research service that knows more about the quality of open source than anyone in the world.  This highly curated intelligence service integrates easily with a wide range of po[CENSORED]r tools across every phase of your software development life cycle and empowers engineering teams to innovate faster with less risk.
 

For software developers, Nexus provides precise information and rapid feedback about open-source projects so engineers always utilize the highest quality third-party libraries to build the best applications.
 

For application security professionals, Nexus integrates with CI/CD pipelines so teams can automatically find, and easily fix, open-source security vulnerabilities and licensing risk.
 

For operations professionals, Nexus continuously examines applications in production and generates a crystal clear picture of third-party open-source dependencies so teams can rapidly patch in the event of new zero day threats.
 

At Sonatype, we’ve also taken great care to establish a culture intensely devoted to each customer’s success. But, don’t just take our word for it. Our customers say it best: “The way Sonatype implemented their application with us has been really, really good…they don’t just give you the software and walk out the door… even now, a year after going live, they still meet with us regularly and give us extremely helpful guidance. It is not often that I say that about companies we work with.”