Welcome!

Apache Authors: Elizabeth White, Pat Romanski, Liz McMillan, Christopher Harrold, Janakiram MSV

News Feed Item

Sonatype Secures Access to the Central Repository for Component-Based Software Development

SSL Connectivity to the Central Repository Protects All Repository Manager Users; Sonatype to Donate Proceeds to Open Source Foundations

SILVER SPRING, MD -- (Marketwire) -- 11/27/12 -- Sonatype, the leader in Component Lifecycle Management (CLM), today announced the availability of Secure Socket Layer (SSL) access to the Central Repository, the industry's primary source for open source software (OSS) components. SSL connectivity to the Central Repository is now a standard feature in Nexus Professional, Sonatype's market-leading repository manager. The company has also made SSL access available to users of the open source version of Nexus and any other repository manager that connects to the Central Repository for a nominal donation of $10. Sonatype will donate all proceeds to the Apache Foundation for the first six months, then to other member-supported governing bodies such as the Eclipse Foundation thereafter.

The Central Repository houses more than 400,000 components and serves nearly 8 billion requests per year for more than 70,000 organizations worldwide. As the stewards of the Central Repository, Sonatype is committed to ensuring the repository and its access points are well protected and never compromised. Industry standard SSL support provides a secure connection that protects component downloads from man-in-the-middle attacks that could expose organizational weaknesses or inject malware into software builds and ultimately, critical applications.

"OSS components are the building blocks of modern software applications and the vast majority of these are distributed from the Central Repository," said Jason van Zyl, Founder and CTO of Sonatype. "Sonatype CLM offerings ensure the integrity of the entire software supply chain, which gives our users confidence knowing that their components are secure, trusted and properly licensed. We view SSL connectivity to Central as a natural complement to the overall security profile of OSS components and we are happy to extend these features to all open source developers, not just Nexus Professional users."

Nearly 20,000 software development organizations rely on Nexus and Nexus Professional to reduce build times, improve collaboration and increase control of OSS components. The actionable security, licensing and popularity information introduced in version 2.0 of Nexus has now been extended with the addition of SSL connectivity to Central in version 2.2. Organizations that embrace component-based development continue to benefit from a secure, stable and scalable system to manage its software components, speed builds and simplify the distribution process.

For organizations that use repository managers Artifactory or Archiva, and others interested in additional information on SSL connectivity to the Central Repository, please visit: http://www.sonatype.com/Products/Secure-Access-to-Central

About Sonatype
Sonatype is leading the component revolution. The company's innovative component lifecycle management products enable organizations to realize the promise of agile, component-based software development while avoiding security, quality and licensing risks. Sonatype operates the Central Repository, the industry's primary source for open-source components, housing more than 400,000 components and serving nearly 8 billion requests per year from more than 70,000 organizations. The company has been a pioneer in component-based software development since its founding by Jason van Zyl, the creator of the Apache Maven build management system and the Central Repository. Since that time, Sonatype has been a leader in core open-source software development ecosystem projects used by more than nine million developers including Nexus, m2eclipse, and Hudson. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Bay Partners, Hummer Winblad Venture Partners and Morgenthaler Ventures. Visit: www.sonatype.com or follow Sonatype on Twitter @SonatypeCM

Apache, Apache Maven and Maven are trademarks of the Apache Software Foundation.

Media Contact:
April Harned
PR for Sonatype
Email Contact
646-246-0484

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...