IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Sonatype launches new SBOM Manager at KubeCon Europe
Fri, 22nd Mar 2024

Software supply chain management specialists, Sonatype, recently launched their new SBOM (Software Bill of Materials) Manager at KubeCon Europe. This revolutionary solution equips businesses to maintain global compliance and bolster cyber security within their software supply chains.

Sonatype's SBOM Manager offers enhanced compliance functionalities, advanced security measures, and strategic advantages. These unique offerings stand as testament to Sonatype's continuous commitment to innovation, security, and compliance in the software industry.

The SBOM Manager announced by Sonatype is an industry-first, integrated, one-stop hub for SBOM management, monitoring and distribution. This unique solution enables companies to manage SBOMs originating from third-party vendors. This management technique, powered by Sonatype's proprietary data and security research, sets a new standard for compliance, scalability, and cyber security.

There is a mounting demand for increased transparency in software development, with regulations like the EU's NIS2 Directive, the US Executive Order on Improving Cybersecurity and mandates from the PCI Security Standards and the FD&C Act for medical device manufacturers. These emerging requirements highlight the pressing need for visibility into software supply chains, making SBOMs an essential tool for modern businesses and government agencies.

Mitchell Johnson, Chief Product Development Officer at Sonatype, said, "as software development and distribution continue to evolve, so too do the challenges associated with managing risk, compliance, and technical debt. Sonatype's SBOM Manager was developed with a deep understanding of these challenges as a software supply chain pioneer."

Features of Sonatype's SBOM Manager include a powerful yet easy to use system of record for all SBOMs, enabling comprehensive management at the enterprise's fingertips. The solution also supports third-party software SBOMs, allowing organisations to maintain complete visibility and control. It allows users to stay ahead of global regulations through enhanced compliance measures, while also enabling proactive identification and mitigation of vulnerabilities in the software supply chain through advanced security.

Designed to help businesses gain a competitive edge in software security and compliance, the new manager also optimises efficiency by automating SBOM generation, management, and monitoring.

CTO of Sonatype, Brian Fox, expressed, "our SBOM Manager turns these ingredient lists into actionable assets, allowing organisations to actually use their SBOMs for improving security and compliance. It's about making SBOMs work for you, not just collecting them."

According to the company, Sonatype’s SBOM Manager is more than just a tool, it is a strategic asset designed to help organisations succeed in the fast-paced and heavily regulated digital world. Following the recent release of their first-of-its-kind AI and machine learning (AI/ML) component detection feature, Sonatype is set to continue breaking new ground in software supply chain optimisation.

The Sonatype SBOM Manager will be generally available from June 2024. Previous to that, it will be available as a SaaS solution, with on-premise and air-gapped options available later this year.