Software development is evolving. Roughly 90% of modern applications use open source code, and for good reason: speed. But when open source components go unmaintained, they become liabilities that expose organizations to security and licensing risks. This week on the podcast, The Millennium Alliance welcomed partner Brian Fox, Co-Founder and CTO of Sonatype, to discuss how Sonatype is helping customers get a better handle on software supply chain security. Sonatype’s State of the Software Supply Chain Report shows an average 742% annual increase in software supply chain attacks since 2019, which makes this the time for leaders to emphasize the continued importance of, and investment in, cybersecurity. Brian also discusses how the new National Cybersecurity Strategy calls for cybersecurity liability and for holding software providers responsible, what that means for software development, and how organizations can prepare to mitigate that liability.
Listen on Spotify, Apple, Amazon Music, and Google Podcasts.
About Sonatype
Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered componentized software development and has a rich history of supporting open source innovation. Today, more than 150,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures, Bay Partners and Goldman Sachs.
To learn more, visit sonatype.com.