Software

Sonatype Introduces a New Deep Code Analysis Platform for Developers

Sonatype, the industry leader in developer-friendly solutions for software supply chain automation and security, announced Sonatype Lift (Lift), a first-of-its-kind cloud-native, deep code analysis platform. Lift installs in minutes and gives developer-friendly feedback on a wide variety of bug types, from lightweight style concerns to complex coding problems often seen in first-party source code and third-party open source libraries.

Cyber assaults grew rapidly last year, as bad actors increasingly target software supply chains to exploit vulnerabilities in commercial and open-source code, as shown by the SolarWinds and Codecov events. Even the world’s most significant companies are not immune to software quality defects making their way into production accidentally. Apple has revealed significant flaws in its Webkit browser SDK and iOS Kernel. As code quality concerns become more of a security concern, developers and security teams must collaborate to guarantee code is dependable and safe. Furthermore, as proven by the recent Fastly outage, innocent coding mistakes can inflict just as much damage.

Deep Code Analysis. Easy for Developers. Trusted by Security

Created to make developers’ and security teams’ lives easier, Lift fosters collaboration between the two, providing a unified code analysis pipeline that brings 26+ tools across 11 languages to catch a wide range of bug types. Because Lift’s results are reported in code review, developers and security engineers can collaborate on how best (or whether) to fix reported issues. With reporting during the peer review window proven to improve fix rates dramatically, Lift’s ability to provide insights at this critical point will be instrumental in improving code quality. 

This is the first code quality solution to bring the proven methods and technologies from Facebook (Infer) and Google (ErrorProne) and deliver them as a commercial platform. The unique way in which Lift works overcomes the challenges of conventional code analysis tools by making installation and configuration quick and easy and leverages developer feedback to improve results over time continuously. By focusing on high-confidence bugs, Lift builds developer trust and ensures that developers pay attention and fix the issues when it does report.

Lift catches not just issues in the code developers write. Still, in the open-source libraries, they rely upon pulling software composition analysis data from Sonatype’s OSS Index to report vulnerable open source libraries as comments in code review. 

Strengthening the Developer and Open Source Communities

The Lift will be free forever for public repositories and serves open source maintainers by helping secure the software supply chain at its source. Sonatype’s long-standing commitment to supporting the world’s open source community began as a core contributor to Apache Maven and continues its stewardship of the Maven Central Repository, free developers tools including its OSS vulnerability database, and being an active member of the OpenSSF Foundation.

About Sonatype
Sonatype is the leader in developer-friendly, full-spectrum software supply chain automation providing organizations total control of their cloud-native development lifecycles, including third-party open-source code, first-party source code, infrastructure as code, and containerized code. The company supports 70% of the Fortune 100 and 15 million developers worldwide trust its commercial and open source tools. With a vision to transform the way the world innovates, Sonatype helps organizations of all sizes build higher quality software aligned with business needs, more maintainable, and more secure.

Spotlight

Spotlight

Related News

AI Tech

AI and Big Data Expo North America announces leading Speaker Lineup

TechEx Events | March 07, 2024

AI and Big Data Expo North America announces new speakers! SANTA CLARA, CALIFORNIA, UNITED STATES, February 26, 2024 /EINPresswire.com/ -- TheAI and Big Expo North America, the leading event for Enterprise AI, Machine Learning, Security, Ethical AI, Deep Learning, Data Ecosystems, and NLP, has announced a fresh cohort of distinguishedspeakersfor its upcoming conference at the Santa Clara Convention Center on June 5-6, 2024. Some of the top industry speakers set to take the stage are: - Sam Hamilton - Head of Data & AI – Visa - Dr Astha Purohit - Director - Product (Tech) Ops – Walmart - Noorddin Taj - Head of Architecture and Design of Intelligent Operations - BP - Temi Odesanya - Director - AI Governance Automation - Thomson Reuters - Katie Sanders - Assistant Vice President – Tech - Union Pacific Railroad - Prasanth Nandanuru – SVP - Wells Fargo - Rodney Brooks - Professor Emeritus - MIT These esteemed speakers bring a wealth of knowledge and expertise to an already impressive lineup, promising attendees a truly enlightening experience. In addition to the speakers, theAI and Big Data Expo North Americawill feature a series of presentations covering a diverse range of topics in AI and Big Data exploring the latest innovations, implementations and strategies across a range of industries. Attendees can expect to gain valuable insights and practical strategies from presentations such as: How Gen AI Positively Augments Workforce Capabilities Trends in Computer Vision: Applications, Datasets, and Models Getting to Production-Ready: Challenges and Best Practices for Deploying AI Ensuring Your AI is Responsible and Ethical Mitigating Bias and Promoting Fairness in AI Systems Security Challenges in the Era of Gen AI and Data Science AI for Good: Social Impact and Ethics Selling Data Democratization to Executives Spreading Data Insights across the Business Barriers to Overcome: People, Processes, and Technology Optimizing the Customer Experience with AI Using AI to Drive Growth in a Regulated Industry Building an MLOps Foundation for AI at Scale The Expo offers a platform for exploration and discovery, showcasing how cutting-edge technologies are reshaping a myriad of industries, including manufacturing, transport, supply chain, government, legal sectors, financial services, energy, utilities, insurance, healthcare, retail, and more. Attendees will have the chance to witness firsthand the transformative power of AI and Big Data across various sectors, gaining insights that are crucial for staying ahead in today's rapidly evolving technological landscape. Anticipating a turnout of over 7000 attendees and featuring 200 speakers across various tracks, AI and Big Data Expo North America offers a unique opportunity for CTO’s, CDO’s, CIO’s , Heads of IOT, AI /ML, IT Directors and tech enthusiasts to stay abreast of the latest trends and innovations in AI, Big Data and related technologies. Organized by TechEx Events, the conference will also feature six co-located events, including the IoT Tech Expo, Intelligent Automation Conference, Cyber Security & Cloud Congress, Digital Transformation Week, and Edge Computing Expo, ensuring a comprehensive exploration of the technological landscape. Attendees can choose from various ticket options, providing access to engaging sessions, the bustling expo floor, premium tracks featuring industry leaders, a VIP networking party, and a sophisticated networking app facilitating connections ahead of the event. Secure your ticket with a 25% discount on tickets, available until March 31st, 2024. Save up to $300 on your ticket and be part of the conversation shaping the future of AI and Big Data technologies. For more information and to secure your place at AI and Big Data Expo North America, please visit https://www.ai-expo.net/northamerica/. About AI and Big Data Expo North America: The AI and Big Data Expo North America is a leading event in the AI and Big Data landscape, serving as a nexus for professionals, industry experts, and enthusiasts to explore and navigate the ever-evolving technological frontier. Through its focus on education, networking, and collaboration, the Expo continues to be a beacon for those eager to stay at the forefront of technological innovation. “AI and Big Data Expo North Americais a part ofTechEx. For more information regardingTechExplease see onlinehere.”

Read More