Wikis - Page

Debricked Software Composition Analysis Fortify on Demand Debricked Assessment Subscription SaaS 21.2

0 Likes

Features and Benefits:

We are thrilled to share we are integrating Debricked software composition analysis (SCA) into our leading AppSec-as-a-service offering Fortify on Demand as we roll out our next release over the coming weeks. We have also announced the extension and refocusing of our long-time partnership with Sonatype to better serve on-premises deployments. The Fortify on Demand team is fully committed to supporting you through this transition from Sonatype to Debricked technology in Fortify on Demand.

Important Updates for Software Composition Analysis Users
for Fortify on Demand

As the growth of open-source utilization to accelerate the development process continues, the health and security of these components becomes crucial for building secure applications. Our vision at Fortify has always been to deliver the best holistic, inclusive, and extensible platform that supports securing the breadth of your app portfolio. To extend that platform, earlier this year we acquired Debricked, a developer-centric open source intelligence company aimed at innovating how organizations secure their software supply chain for today and the future.

We are thrilled to share we are integrating Debricked software composition analysis (SCA) into our leading AppSec-as-a-service offering Fortify on Demand as we roll out our next release over the coming weeks. This exciting advancement will bring you, our customers:

  • The ability to perform SAST+SCA in a single scan through the UX you are familiar with
  • Comprehensive risk visibility with AppSec results in a single pane of glass
  • Additional capabilities such as being able to download Debricked SCA results as a CycloneDX SBOM and import 3rd party CycloneDX SBOMs into Fortify on Demand
  • Continued innovation with an exciting joint roadmap for the future

We have also announced the extension and refocusing of our long-time partnership with Sonatype to better serve on-premises deployments. The Fortify on Demand team is fully committed to supporting you through this transition from Sonatype to Debricked technology in Fortify on Demand. As an existing customer of integrated Sonatype SCA through Fortify on Demand, we wanted to make sure you were aware that:

  • The ability to purchase or renew integrated Sonatype Assessments through Fortify on Demand will end on January 31, 2023.
  • Sonatype integration with Fortify on Demand will reach end of life on January 31, 2024.
  • Fortify on Demand will fully utilize Debricked for integrated SCA assessments from February 1, 2024 moving forward.

We recognize some of our customers may want to explore Sonatype's native capabilities or establish a direct relationship with Sonatype. For that, or any other questions you may have around this announcement or the upcoming release, we encourage you to reach out to your Micro Focus account manager, our Sonatype partner team (MJ Yamat and Christine Bobba) or Sonatype directly (Bruce Gordon and Paul Volkman).

Comment List
Related
Recommended