Software Composition Analysis with Sonatype

For Fortify on Demand, an application security as a service, Sonatype's leading automated open source governance solution, is Fortify's preferred Software Composition Analysis (SCA) partner, delivering the advantages of a single, fully integrated application security platform, without compromising depth and capability in managing open source risk and vulnerabilities.

For Fortify’s on premise application security solutions and Software Security Center (SSC), an integration optimized specifically for Fortify SSC and Sonatype customers provides the advantages of a single, integrated application security platform, without compromising depth and capability in managing open source risk and vulnerabilities.

About Sonatype
More than 10 million software developers rely on Sonatype to innovate faster while mitigating security risks inherent in open source. Sonatype’s Nexus platform combines in-depth component intelligence with real-time remediation guidance to automate and scale open source governance across every stage of the modern DevOps pipeline. Sonatype is privately held with investments from Accel Partners, Goldman Sachs, Hummer Winblad Venture Partners, and TPG.

About Micro Focus Fortify
Micro Focus helps organizations run and transform their business through four core areas of digital transformation: Enterprise DevOps, Hybrid IT Management, Predictive Analytics and Security, Risk & Governance. Driven by customer-centric innovation, our software provides the critical tools they need to build, operate, secure, and analyze the enterprise. By design, these tools bridge the gap between existing and emerging technologies—enabling faster innovation, with less risk, in the race to digital transformation.

- Connect with peers and share your knowledge
- Find solutions and answers to your technical questions
- Stay informed on new releases and product enhancements
- Access downloads, demos, videos and support tips