Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.
Sonatype has acquired Vor Security.
Ken Duck, founder and CEO of Vor will join the product and engineering team at Sonatype to continuously expand and refine the open source component intelligence service that underpins the Nexus platform.
As founder and CEO of Vor, Duck created the OSS Index, an innovative and free online index of known open source software vulnerabilities. Today, the index contains more than 2.1 million packages and detailed information on more than 120,000 vulnerabilities across an array of open source ecosystems.
Sonatype also introduced Nexus Lifecycle XC, a new data service delivered via the Nexus IQ server that will provide organizations with component intelligence covering a wide swath of open source ecosystems and formats including Ruby, PHP, Swift, CocoaPods, Golang, C, and C++.
Compared to the precisely accurate open source intelligence offered by Nexus Lifecycle for Java, JavaScript, NuGet, and PyPI -- traditional vendors of Software Composition Analysis (SCA) tools have long provided commodity open source intelligence across a broad spectrum of ecosystems.
Over time, organizations have come to value the unique accuracy of Nexus Lifecycle data for Java, JavaScript, NuGet, and PyPI; but they still require open source intelligence for a wide variety of other ecosystems. Beginning today, Sonatype is delivering a win-win intelligence engine that combines the depth of Lifecycle data for machine automated open source controls with the breadth of Lifecycle XC data for foundational open source governance.
“Empowering software development teams with broad and precise visibility into the open source supply chain is critical to practicing proper application security hygiene. Sonatype’s world-class team has led the way in bringing remarkably accurate component intelligence to the forefront of the DevOps movement, and I am excited to join forces with their amazing team and continue the journey,” said Ken Duck, CEO of Vor Security.
“Since its introduction in 2012, Nexus Lifecycle has seen tremendous acceptance in the market because it provides remarkably precise and accurate intelligence with respect to open source components across Java, JavaScript, NuGet, and PyPI. While enterprise customers, especially those practicing DevOps, place a premium value on the accuracy and precision of our Nexus Lifecycle data, they also need intelligence for a wide variety of other formats and ecosystems. The combination of Lifecycle and Lifecycle XC gives customers the best of both worlds -- a premium intelligence service that fully automates enforcement of open source policies inside of a DevOps pipeline, plus a stock data intelligence service to inform basic hygiene for all other ecosystems,” said Wayne Jackson, CEO of Sonatype.
Industry News
Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.
Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.
Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.
Platform9 announced that Private Cloud Director Community Edition is generally available.
Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.
CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.
Mirantis announced the k0rdent Application Catalog – with 19 validated infrastructure and software integrations that empower platform engineers to accelerate the delivery of cloud-native and AI workloads wherever the\y need to be deployed.
Traefik Labs announced its Kubernetes-native API Management product suite is now available on the Oracle Cloud Marketplace.
webAI and MacStadium(link is external) announced a strategic partnership that will revolutionize the deployment of large-scale artificial intelligence models using Apple's cutting-edge silicon technology.
Development work on the Linux kernel — the core software that underpins the open source Linux operating system — has a new infrastructure partner in Akamai. The company's cloud computing service and content delivery network (CDN) will support kernel.org, the main distribution system for Linux kernel source code and the primary coordination vehicle for its global developer network.