A Sonatype Case Study
Bloomberg Industry Group, led on security by Bryan Batty, faced the common challenge of governing a large, open source–heavy software supply chain: tracking component versions, licenses, and known vulnerabilities across many projects, building a secure pipeline and SBOMs, and reducing time spent on emergency upgrades and remediation.
By adopting Sonatype Nexus Lifecycle and integrating it into their toolchain, Bloomberg gained continuous software composition analysis that identifies safe component versions, license issues, and known vulnerabilities. The result was dramatic improvement in open source governance and a strengthened software supply chain—less time spent remediating issues, more security built into development, and fewer painful large-scale upgrades.
Bryan Batty
Director of Product and Infrastructure Security