Innovation Showcase: Traditional Software Composition Analysis (SCA) is Not Enough: Protecting Mission-Critical Software

  • Room: Booth 1251
Wednesday, January 29, 2025: 9:40 AM - 10:00 AM

Speaker(s)

Speaker (confirmed)
Andy Earle
Fortify Security Solutions Architect
MFGS, Inc.
Speaker (confirmed)
Bryan Whyte, CISSP
Director, Solutions Engineering
Sonatype

Description

As the Department of Defense leverages advanced technology to maintain mission-critical readiness, the software landscape continues to evolve. With open-source software downloads exceeding 6.6 trillion in the past year, innovation has accelerated—but so have risks to the DOD’s software supply chain, including open-source malware and “persistent risk.”


In this session, Sonatype and MFGS, Inc., will demonstrate how integrating Sonatype's software supply chain management solutions with OpenText Fortify delivers a powerful, end-to-end approach to software supply chain security. Together, we’ll explore how to:


• Enhance DOD Cybersecurity Compliance: Use OpenText Fortify’s application security tools in tandem with Sonatype’s Software Bill of Materials (SBOM) Manager and SCA solutions to streamline compliance with mandates such as NIST SP 800-218 and CISA guidelines.


• Strengthen Threat Detection: Leverage Fortify’s Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) capabilities alongside Sonatype’s automated security checks and open-source malware detection to eliminate vulnerabilities throughout the software development lifecycle.

• Achieve Full Lifecycle Security: Integrate Fortify’s security testing with Sonatype’s automated dependency management to address risks early and continuously monitor software quality.


• Improve Software Integrity Across the Mission: Ensure secure, well-maintained components are deployed across DOD projects, safeguarding operational success.


Join us to learn how the synergy between Sonatype and OpenText Fortify helps modernize software supply chain management, reduce risk, and support the DOD's mission to secure national defense initiatives.

