(Photo courtesy Sonatype/YouTube)
Fulton-based Sonatype is bringing on some deeper knowledge about potential security vulnerabilties with an acquisition.
The company that makes tools to automate software processes and potential holes in open source code acquired Vor Security, which is based in Ottowa, Canada. Terms were not disclosed.
Vor Security founder Ken Duck created the OSS Index, which is an index of open source software vulnerabilities. The startup complied details on 120,000 security vulnerabilities. Access is initially free, and the company also offers premium licensing and support.
— Derek E. Weeks (@weekstweets) June 29, 2017
The two companies are also complementary in their approach.
“Vor approached the vulnerability correction and assignment from the project to the components, which is exactly opposite of the Sonatype approach of finding the vulnerable code and tracking it back to the released component,” Sonatype’s Brian Fox wrote in a blog post about the deal. “By merging the top down and bottom up approaches, we can significantly increase our vulnerability coverage.”
Sonatype was founded in 2010 by Wayne Jackson, who was previously CEO of Sourcefire. The company raised $30 million last year, and has a host of corporate clients.
Duck, the Vor founder, will join Sonatype in the deal.-30-
The acquisition deal for Columbia-based Osiris Therapeutics is now complete
What’s the word? Contribute to our list of cybersecurity terms to know
Baltimore’s Paragon Bioservices to be acquired by drug manufacturer Catalent for $1.2B
How SmartLogic accelerated these startups’ product growth trajectories
Power Moves: Frank Bonsal III is leaving TU incubator, returning to venture capital
Inside the North Baltimore company that discovered some of tech’s biggest security vulnerabilities
Baltimore’s ABS Capital Partners leads $23M Series A for Florida cybersecurity company
This fast-growing SaaS company aims to be a force for change in the energy industry
Sign-up for daily news updates from Technical.ly Baltimore