Sonatype Names Prominent Security Strategist Joshua Corman as CTO

PR Newswire

FULTON, Md., Jan. 16, 2014

FULTON, Md., Jan. 16, 2014 /PRNewswire/ -- Sonatype, the software company that
enables developers to rapidly build secure software while also eliminating
compliance and licensing risk, today announced the hiring of respected IT
security strategist, advocate, and philosopher Joshua Corman as the company's
Chief Technology Officer.

Prior to Sonatype, Corman served as a security researcher and executive at
Akamai Technologies, The 451 Group, and IBM Internet Security Systems, among
other firms. A well-regarded innovator, he co-founded Rugged Software and
IamTheCavalry to encourage the development of new cyber security solutions in
response to the world's increasing reliance on digital infrastructure.
Corman's unique approach to addressing cyber security in the context of human
factors and social impact has helped position him as one of the most trusted
names in IT security. He also serves as adjunct faculty for Carnegie Mellon's
Heinz College, IANS Research, and as a Fellow at the Ponemon Institute.

In his capacity as CTO, Corman will research new technologies and software
development trends to help evolve Sonatype's product strategy. Additionally,
Josh will work with the broader IT community as well as policy and standards
bodies to improve software development security standards and best practices.

"We are thrilled to have Josh on board," said Wayne Jackson, CEO, Sonatype.
"As a highly trusted IT security practitioner and thought leader, Josh shares
our passion and concern for properly securing enterprise software applications
in a rapidly changing world. His community reach and command of technology
will serve Sonatype, the user community, and businesses at large well." 

"Our dependence on software is growing faster than our ability to secure it.
Afterthought security alone cannot keep pace," said Joshua Corman, CTO,
Sonatype. "I look forward to working with Sonatype to drive more defensible
and dependable software practices – at scale and earlier in the lifecycle. As
3rd party and open source components are the backbone of most modern
software, I believe Sonatype addresses a critical and neglected piece of the
puzzle and will have significant impact." 

Today, 90 percent of the typical enterprise application is comprised of 3rd
party and open source building blocks, known as components. These reusable
components allow for great speed, efficiency and innovation. The downside is
that without proper insight and governance, organizations risk crippling
attacks, licensing liability, and compliance exposure. 71 percent of
applications contain components with known security flaws classified as severe
or critical and an alarming 76 percent of all organizations have no component
management policies in place.

With automated governance, monitoring, and alerts, Sonatype Component
Lifecycle Management enables enterprises to accurately identify flawed
components and proactively fix these components throughout the software
development lifecycle. Five of the world's largest banks, multiple
multinational corporations, and several of the United States' largest
government agencies have recently enlisted Sonatype to assist them in
addressing what is, for many, an application security crisis. 

About Sonatype:

Sonatype's software protects the world's enterprise software applications from
security, compliance, and licensing risks, while reducing application
development and deployment time. Every day, millions of developers build
software applications from open source building blocks, known as components.
Customers rely on Sonatype software to select and use the best components
from the start of the development lifecycle so that trustworthy applications
can also meet release deadlines. Policy automation, ongoing monitoring, and
proactive alerts ensure these applications remain secure over time. Sonatype
is privately held with investments from New Enterprise Associates (NEA), Accel
Partners, Bay Partners, Hummer Winblad Venture Partners, and Morgenthaler
Ventures. Visit:

SOURCE Sonatype

Contact: Tony Keller, (312) 750-0858