Software development vendor Sonatype is tacking this issue with its updated component lifecycle management (CLM) 1.8 release. The basic idea behind CLM is to make sure that the components used in application development and deployment are up to date, which helps limit the risk of exploitation from known and already-patched software defects. With its CLM 1.8 release Sonatype tweaked the software to make it more transparent for an organization to determine risk as well as to determine options for swapping out a risky component with a better one.
“Most fundamentally we’re about helping organizations develop better software,” Sonatype CEO Wayne Jackson told eSecurity Planet. “Last year we served something on the order of 13 billion open-source components.”
Read the full story at eSecurity Planet:
Securing Apps Starts with Code: Sonatype
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.