Sonatype Introduces a New Deep Code Analysis Platform for Developers

Sonatype | June 17, 2021

Sonatype, the industry leader in developer-friendly solutions for software supply chain automation and security, announced Sonatype Lift (Lift), a first-of-its-kind cloud-native, deep code analysis platform. Lift installs in minutes and gives developer-friendly feedback on a wide variety of bug types, from lightweight style concerns to complex coding problems often seen in first-party source code and third-party open source libraries.

Cyber assaults grew rapidly last year, as bad actors increasingly target software supply chains to exploit vulnerabilities in commercial and open-source code, as shown by the SolarWinds and Codecov events. Even the world’s most significant companies are not immune to software quality defects making their way into production accidentally. Apple has revealed significant flaws in its Webkit browser SDK and iOS Kernel. As code quality concerns become more of a security concern, developers and security teams must collaborate to guarantee code is dependable and safe. Furthermore, as proven by the recent Fastly outage, innocent coding mistakes can inflict just as much damage.

Deep Code Analysis. Easy for Developers. Trusted by Security

Created to make developers’ and security teams’ lives easier, Lift fosters collaboration between the two, providing a unified code analysis pipeline that brings 26+ tools across 11 languages to catch a wide range of bug types. Because Lift’s results are reported in code review, developers and security engineers can collaborate on how best (or whether) to fix reported issues. With reporting during the peer review window proven to improve fix rates dramatically, Lift’s ability to provide insights at this critical point will be instrumental in improving code quality. 

This is the first code quality solution to bring the proven methods and technologies from Facebook (Infer) and Google (ErrorProne) and deliver them as a commercial platform. The unique way in which Lift works overcomes the challenges of conventional code analysis tools by making installation and configuration quick and easy and leverages developer feedback to improve results over time continuously. By focusing on high-confidence bugs, Lift builds developer trust and ensures that developers pay attention and fix the issues when it does report.

Lift catches not just issues in the code developers write. Still, in the open-source libraries, they rely upon pulling software composition analysis data from Sonatype’s OSS Index to report vulnerable open source libraries as comments in code review. 

Strengthening the Developer and Open Source Communities

The Lift will be free forever for public repositories and serves open source maintainers by helping secure the software supply chain at its source. Sonatype’s long-standing commitment to supporting the world’s open source community began as a core contributor to Apache Maven and continues its stewardship of the Maven Central Repository, free developers tools including its OSS vulnerability database, and being an active member of the OpenSSF Foundation.

About Sonatype
Sonatype is the leader in developer-friendly, full-spectrum software supply chain automation providing organizations total control of their cloud-native development lifecycles, including third-party open-source code, first-party source code, infrastructure as code, and containerized code. The company supports 70% of the Fortune 100 and 15 million developers worldwide trust its commercial and open source tools. With a vision to transform the way the world innovates, Sonatype helps organizations of all sizes build higher quality software aligned with business needs, more maintainable, and more secure.


A new era in cyber security has begun. In today’s complex digital environments, machines are fighting machines, and advanced attackers and criminal groups are contriving sophisticated new ways to perpetrate their missions. The corporate network has become a battlefield, where the stakes are control of digital assets and, ultimately, the ability of the organization to function.

Other News

Foxit Announces Launch of AI-Based Smart Redact

Foxit | April 13, 2022

Foxit, a leading provider of innovative PDF products and services, helping knowledge workers to increase their productivity and do more with documents, today announced the availability of Foxit Smart Redact, a new AI-powered tool providing document redaction. With the launch of Foxit Smart Redact, users now have an efficient and comprehensive tool that provides the ability to detect sensitive data within their PDF documents. Foxit Smart Redact helps users who want to redact sensitive information in PDF documents but need assistance in determining the exact words to redact in advance. With Smart Redact, users don't have to read through every page to find the sensitive information in each sentence. Instead, Smart Redact lists sensitive data contained in a PDF file. Security is a priority for the solution and Foxit Smart Redact is both TAA compliant and SOC 2 Certified. Key features of Foxit Smart Redact include: Smart Redact identifies sensitive data in PDF files Data transmission between PDF Editor and the Foxit cloud is encrypted by AES-256 User-created profiles allow users to select the confidential information they would like to remove for every type of document Foxit Smart Redact is fully integrated into Foxit PDF Editor as an optional plug-in. Foxit users can take advantage the tool's simple to use and powerful redaction capability while never having to leave the PDF editor where they are executing their typical document workflows. Smart Redact builds upon the redact capability in PDF Editor by expanding the number of automatic sensitive data pattern searches, including those without static patterns, such as person names, organization names, personal roles. "By leveraging artificial intelligence, Foxit Smart Redact dramatically improves the productivity of knowledge workers involved in redaction. Users will save time and reduce the potential for errors." Frank Kettenstock, CMO of Foxit About Foxit Foxit is a leading provider of innovative PDF products and services, helping knowledge workers to increase their productivity and do more with documents. Foxit addresses the needs of three distinct market segments. For End-User Productivity, Foxit delivers easy to use desktop software, mobile apps, and cloud services to make knowledge workers more productive. Foxit's Developer Solutions enable developers to incorporate powerful PDF technology into their applications. For Enterprise Automation, Foxit provides server software for large scale PDF document management and data capture.

Read More


HCL Technologies Launches Kubernetes Migration Platform to Accelerate Application Modernization

HCL Technologies | May 18, 2022

HCL Technologies (HCL), a leading global technology company, has launched its Kubernetes Migration Platform (KMP) to help organizations accelerate application modernization. HCL KMP is an automated solution that helps organizations migrate workloads from legacy on-premises and Cloud Foundry environments to modern Kubernetes-based platforms. KMP’s repeatable, reliable, and cost-effective approach enables organizations to reduce risk and complete migrations up to 120 times faster compared to manual alternatives. In addition, HCL KMP enables organizations to effortlessly move workloads between hybrid, multi-cloud environments built on different Kubernetes-based platforms, including; Google GKE, Microsoft Azure AKS, Amazon EKS, VMWare TKGI, Rancher, and Red Hat OpenShift. The platform offers organizations more freedom of choice, ensuring they are run on the most cost-effective platforms and helping to avoid vendor lock-in. “Enterprises have grown increasingly concerned with the operational costs of maintaining legacy Cloud Foundry environments in a cloud-native world. Limited modernization capabilities in Cloud Foundry have made it difficult to migrate to Kubernetes without an excessive investment of time and resources. KMP creates a bridge to the future, by offering our clients a fast, fully automated, and hassle-free journey to any Kubernetes-based platform.” Kalyan Kumar, CTO and Head of Ecosystems, HCL Technologies About HCL Technologies HCL Technologies (HCL) empowers global enterprises with technology for the next decade, today. HCL’s Mode 1-2-3 strategy, based on its deep-domain industry expertise, customer-centricity and entrepreneurial culture of Ideapreneurship™, enables businesses to transform into next-gen enterprises. HCL offers its services and products through three business units: IT and Business Services (ITBS), Engineering and R&D Services (ERS) and Products & Platforms (P&P). ITBS enables global enterprises to transform their businesses through offerings in the areas of applications, infrastructure, digital process operations and next generational digital transformation solutions. ERS offers engineering services and solutions in all aspects of product development and platform engineering. P&P provides modernized software products to global clients for their technology and industry specific requirements. Through its cutting-edge co-innovation labs, global delivery capabilities and broad global network, HCL delivers holistic services in various industry verticals, categorized as Financial Services, Manufacturing, Technology & Services, Telecom & Media, Retail & CPG, Life Sciences & Healthcare and Public Services.

Read More


DataRobot Selected by U.S. Department of Defense to Power Government’s AI Initiatives

DataRobot | February 14, 2022

AI Cloud leader DataRobot today announced its selection as an AI partner under a five-year $249 million-ceiling Blanket Purchase Agreement (BPA) awarded by the U.S. Department of Defense (DoD) Joint Artificial Intelligence Center (JAIC). Through this contract, DataRobot is tasked with transforming AI throughout the DoD ecosystem by providing its AI Cloud platform and services to accelerate the government’s use of emerging AI technologies including Machine Learning (ML), Deep Learning (DL), and Neural Networks (NN). DataRobot will support JAIC’s commitment to strategic and world-class AI solutions by: Providing a unified AI platform to enable all users across the DoD to quickly and successfully build and deploy mission-enabling AI projects Detecting, measuring, and standardizing bias prevention as a routine step in the machine learning process, driving more reliable operations and strategic solutions Operationalizing solutions for Testing and Evaluation (T&E) of AI-enabled systems, automated products, and autonomous systems Integrating AI T&E tools and services in alignment with JAIC’s architectures, technical standards, and security standards DataRobot’s end-to-end AI Cloud platform brings together disparate data and users, spanning expert data scientists to IT operators to analysts, through enhanced collaboration and continuous optimization across the entire AI lifecycle. Built as a multi-cloud platform, DataRobot AI Cloud can be deployed in a combination of public clouds, data centers, or at the edge, with governance to protect and secure even the most highly-regulated organizations. AI has the power to shape the next generation of U.S. Defense operations, ensuring the safety of our citizens, personnel and allies. We’re proud to support the JAIC’s mission to maximize the full potential of AI, and we share the DoD’s commitment to solving complex and mission-critical problems with better, faster, data-driven solutions that are accessible for all.” Jim Watson, VP, Sales, Federal & Public Sector, DataRobot About DataRobot DataRobot AI Cloud is the next generation of AI. DataRobot’s AI Cloud vision is to bring together all data types, all users, and all environments to deliver critical business insights for every organization. DataRobot is trusted by global customers across industries and verticals, including a third of the Fortune 50

Read More


Tanla, forge exclusive partnership to offer Conversational AI Solutions

Tanla | June 13, 2022

Tanla, a leading global CPaaS provider, and, the world's leading enterprise conversational AI software platform and solutions company, today announced an exclusive partnership in five countries – India, United Arab Emirates, Indonesia, Vietnam, and Philippines. This partnership is a momentous step forward in offering enterprises and brands the ability to upraise the digital experiences of their key stakeholders: customers, partners, and employees through best-in-class conversational artificial intelligence (AI) based Natural Language Processing (NLP) system. For the users, this effectively translates into digital interactions truly becoming intuitive and meaningful. Recognized as a Leader in Gartner's Enterprise Conversational AI Platforms Magic Quadrant 2022, offers an enterprise-grade, end-to-end, no-code conversational AI platform and AI-first solutions that serve as a secure foundation for enterprises to design, build, test, host, deploy and manage virtual assistants, process assistants and conversational digital applications for optimized customer, employee and agent experiences across voice and digital channels. The Experience Optimization Platform (XO) supports on-prem and cloud deployments for more than 35 channels in 100 languages. also brings with it an experienced and dedicated team to jointly accelerate product development and go-to-market (GTM) with Tanla in India and other focus geographies. Tanla is an industry leader in CPaaS, serving marquee clients across all major industries and transforming the way the world collaborates and communicates through innovative CPaaS solutions. It touches over a billion lives with its purpose "EC*2" i.e., "shaping the world of trusted digital experiences to empower consumers and enable companies." Tanla's Wisely platform is an embodiment of a step towards this purpose. Co-developed with Microsoft, Wisely is the world's first blockchain-powered cloud-based platform that connects enterprises and suppliers through a secure 'express route', ensuring complete transparency and a single source of truth that results in immutable audit trails and zero dispute settlements. Gartner has recognized Tanla in the 2021 CPaaS Competitive landscape based on a combination of prominence and the unique features of Wisely. The conversational AI market is growing at a rate of approximately 21% CAGR (source: Market Digits) while the Indian market itself is expected to grow at a rate of 25% CAGR (source: Gartner, Expert Interview). This outlook presents a huge growth opportunity in the conversational space. Tanla's rich communication portfolio and a strong customer base coupled with's conversational AI capabilities and large development organization will position the duo as a leader, enabling enterprises to deliver advanced, highly intelligent, and personalized experiences to their customers across their brand's digital touchpoints. "Enterprises are looking for technologies that help them create extraordinary customer and employee experiences, which positively impact business outcomes. Through this partnership, Tanla and will jointly offer a first-of-its-kind customer engagement platform offering conversation-first experiences that can automate and optimize voice and chat interactions across multiple channels, languages, and regions, while retaining the human touch all through. We are thrilled to work with a partner like Tanla that will help us advance our vision of creating extraordinary customer, employee, and agent experiences." Raj Koneru, Founder and CEO of Today's enterprises require a conversational AI provider, a channel delivery partner, a marketing partner to promote the intelligent virtual assistant, and a separate implementation partner to be able to set up effective conversational bot support. However, with the coming together of Tanla and, enterprises will be able to leverage their end-to-end capabilities and consultative support without having to go through multiple stops and partners. Some notable advantages of this also include access to a no-code virtual assistant development platform, an implementation team, omnichannel communication, campaign management for marketing, advanced analytics, and much more to support enterprises with unparalleled end-to-end ownership and quality assurance. "The Tanla – business partnership is a key milestone in our pursuit to provide best-in-class next-gen solutions to our enterprise customers. This partnership will provide cutting-edge AI solutions on Wisely Platform to help clients realize the value of truly omnichannel digital customer experiences," said Uday Reddy, Founder Chairman and CEO, Tanla Platforms Limited. Tanla and are confident that this collaboration will usher in a new era of automated and seamless digital communication that will elevate customer experience to new heights while helping enterprises build a better relationship with their customers. About is a global leader in the conversational AI-first platform and solutions helping enterprises automate business interactions to deliver extraordinary experiences for their customers, employees, and contact center agents. More than 200 Fortune 2000 companies trust's experience optimization (XO) platform and technology to automate their business interactions for over 100 million users worldwide to achieve extraordinary outcomes. has been recognized as a leader and an innovator by top analysts and ensures the success of its customers through a growing team headquartered in Orlando with offices in India, the UK, Japan, South Korea, and Europe. About Tanla Tanla Platforms Limited transforms the way the world collaborates and communicates through innovative CPaaS solutions. Founded in 1999, it was the first company to develop and deploy A2P SMSC in India. Today, as one of the world's largest CPaaS players, it processes more than 800 billion interactions annually and about 63% of India's A2P SMS traffic is processed through Trubloq, making it the world's largest Blockchain use case. Wisely, our patented enterprise-grade platform offers private, secure, and trusted experiences for enterprises and mobile carriers. Tanla Platforms Limited is headquartered in Hyderabad. Tanla is listed on two national exchanges, the NSE and BSE (NSE: TANLA; BSE:532790) and included in prestigious indices such as the Nifty 500, BSE 500, Nifty Digital Index, Nifty Alpha FTSE Russell and MSCI.

Read More


A new era in cyber security has begun. In today’s complex digital environments, machines are fighting machines, and advanced attackers and criminal groups are contriving sophisticated new ways to perpetrate their missions. The corporate network has become a battlefield, where the stakes are control of digital assets and, ultimately, the ability of the organization to function.