Sonatype’s Nexus Lifecycle Leverages Red Hat OpenShift Operator Certification, Provides Software Bill of Materials Visibility
Sonatype, the pioneer of software supply chain management, announced that Sonatype’s Nexus Lifecycle is better positioned to leverage its Red Hat OpenShift Operator Certification, to help provide intelligent insight into the open source components Red Hat OpenShift customers are using.
Sonatype’s Nexus Lifecycle combined with Red Hat OpenShift, creates an automated process that encourages component integrity and provides enhanced security features by developing a Software Bill of Materials (SBOM) that is license-compliant and highlights open source vulnerabilities. The certification will help enable Red Hat OpenShift customers to more easily and efficiently design an SBOM—helping enterprises mitigate risk across their software development lifecycle, and organizations required to meet the new U.S. federal cybersecurity requirement.
“We are pleased that Sonatype’s Nexus Lifecycle Red Hat OpenShift Operator Certification is now positioned to further extend choice and flexibility for customers on the industry’s leading enterprise Kubernetes platform,” said Mark Longwell, director, Partner Alliances, Hybrid Platforms, Red Hat. “IT Security continues to be a top priority for organizations, and with this enhanced certification, Sonatype helps provide Red Hat OpenShift customers greater insight into the development and security of their software.”
With Sonatype as a Red Hat OpenShift Certified Operator, customers gain easier access to deploy Sonatype Nexus Lifecycle in one click via the Operator catalog section on Red Hat OpenShift. Operators also provide automation across the stack—from managing the parts that make up the platform all the way to applications that are provided as a managed service.
“By leveraging this Red Hat OpenShift Operator Certification, Red Hat OpenShift users can now more easily integrate an automated production-ready SBOM into their Red Hat OpenShift pipelines, adding increased transparency into development that can help stop downstream cyber-attacks,” said Bruce Gordon, SVP of Global Channels & Alliances at Sonatype. “This collaboration will help provide Red Hat and Sonatype customers with increased intelligence for creating and maintaining secure-focused, quality and innovative software at scale.”
The collaboration will benefit from Sonatype’s status as a Red Hat Advanced Business Partner, and from Sonatype’s Nexus Lifecycle’s certification as an open source and dependency management tool.