Adaptavist Offers Enterprise DevSecOps Solution With Sonatype Partnership

With nearly 1-in-4 IT professionals confirming or suspecting a breach tied to open source in the last year and over 21,000 new open source releases happening every day, it’s increasingly challenging for organizations to manually manage open source usage. Using the Sonatype Nexus repository management and developer-first security capabilities, Adaptavist can ensure its customers integrate the right tools, processes and compliance to achieve secure continuous delivery.

“To support the pressure on businesses to accelerate their digital transformation journey, software development needs to happen more quickly, but it also has to be done safely,” says Simon Haighton-Williams, CEO of Adaptavist. “Our strategic partnership with Sonatype will further strengthen our DevOps expertise and allow us to offer customers greater confidence in delivering software not only faster but more securely.”

Through Adaptavist’s partnership with Sonatype, developers will be able to triage open source policy violations in daily workflows with automatically created Jira tickets to build secure software. “Public databases, like the National Vulnerability Database (NVD), provide a relatively small and typically outdated view of open source security vulnerabilities. Nexus Intelligence, which powers Nexus Lifecycle, delivers a universal and timely understanding of open source security, license, and architectural risk. Our data collection engine has ingested and analyzed more than 100 million components, by dynamically monitoring dozens of ecosystems like GitHub commit, every open source project, advisory websites, Google search alerts, OSS Index, and a plethora of vulnerability sites; and it never stops learning,”explains Wai Man Yau, General Manager International, Sonatype.

The Sonatype Nexus platform integrates into GitHub, GitLab and Bitbucket (both server and cloud), adding automation and precise component intelligence into developer pull requests and daily workflows. With improved Bitbucket pull request experience and VS Code integration, you can also bring information from Jira Software right into the same SCM and IDE. These integration capabilities help developers improve secure coding practices and build safer applications faster.

For more information visit: https://www.adaptavist.com/partner-programme/sonatype-partner.

About Adaptavist

Adaptavist is a global technology and innovative solutions provider, enabling organizations to boost agility and overcome the challenges of transformational change. Founded in 2005, its team spans over 300 employees globally, with a 10,000+ customer base representing more than half of the Fortune 500.

Adaptavist is a Platinum Atlassian Solutions Partner in EMEA and North America, a Platinum Marketplace Partner, a SAFe® Gold Transformation Partner, and a trusted Slack and AWS partner. It offers expert consultancy including SPC-certified SAFe® implementation, enterprise apps, training, managed services, and licensing solutions. Adaptavist has also been the recipient of the Queen’s Awards for Enterprise, Deloitte’s Technology Fast 50, and The Sunday Times Tech Track Award 2019.

About Sonatype

Sonatype is the leader in software supply chain automation technology with more than 350 employees, over 1,200 enterprise customers, and is trusted by more than 10 million software developers. Sonatype’s Nexus platform enables DevOps teams and developers to automatically integrate security at every stage of the modern development pipeline by combining in-depth component intelligence with real-time remediation guidance. For more information, please visit Sonatype.com, or connect with us on Facebook, Twitter, or LinkedIn.