Deal Targets Open Source Library Risks in Software Supply Chain, Boosts DevSecOps.

The integration of Tidelift into Sonar’s ecosystem will enhance software supply chain security by leveraging human-verified insights from maintainers of popular open source libraries. Developers can expect comprehensive tools to address vulnerabilities in first-party, AI-generated, and third-party code.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/sonar-expands-to-third-party-code-security-tidelift-buy-a-27086