Goldman Sachs Leads $30M Round in Sonatype

Goldman Sachs Leads $30M Round in Sonatype

Goldman Sachs has led a $30 million investment in software developer Sonatype Inc. to help protect the quality of its open source software.The funding, made through Goldman's Principal Strategic Investments Group, is a recognition of how even long-established companies are using open-source software to cut costs and raise efficiency, even though the software is freely available on the Web and is sometimes developed by volunteers. Learn more.

more

Sonatype Snares $30 Million Investment Led By Goldman Sachs

Md.-based cyber firm picks up $30 million led by Goldman Sachs

The last time Goldman Sachs put an attention-getting chunk of money into a D.C. start-up it worked out pretty well – the firm’s early investment in Applied Predictive Technologies paid off big-time last year when APT sold to Mastercard for $600 million. This time the start-up is a Fulton, Md.-based cybersecurity company called Sonatype. The company is planning to announce Thursday it has raised $30 million from investors led by Goldman’s Principal Strategic Investments Group.

more

Sonatype Snares $30 Million Investment Led By Goldman Sachs

Goldman Sachs Leads $30 Million Investment in Software Supply Chain Fixer

Sonatype said Thursday it raised $30 million in a round of financing led by the principal strategic investments group at Goldman Sachs GS 0.65% . All previous investors—including New Enterprise Associates, Accel, Bay Partners, Hummer Winblad Venture Partners, and Morgenthaler Ventures—participated in the round, and the firm has accumulated about $75 million in total funding to date.

more

Sonatype Snares $30 Million Investment Led By Goldman Sachs

Sonatype Snares $30 Million Investment Led By Goldman Sachs

Sonatype, a company that helps customers create automated, policy-driven software component security, announced a $30 million round today led by Goldman Sachs.Sonatype works to ensure that open source components used in much of Goldman’s (and just about every company’s) software are safe and up-to-date in an automated fashion.

more

Software Supply Chain Pioneer Sonatype Completes $30 Million Financing Led By Goldman Sachs

Fulton, MD – February 4, 2016 – Sonatype, the company dedicated to helping IT organizations deliver higher quality software even faster, today announced the completion of a $30 million equity and debt financing led by Goldman Sachs’ Principal Strategic Investments Group, with all current investors participating in the round. The investment will be used to accelerate sales, marketing, product development, and international market opportunities.

more
Infosec World

InfoSec World 2016

Date: April 4-6, 2016
Location: Lake Buena Vista, FL

Josh Corman will be hosting "Fireside Chat: Winning at a Losing Game: Hacking Incentives to Change Our Fate" at InfoSec World 2016!

more

Breakfast Briefing: Rugged DevOps

Breakfast Briefing: Rugged DevOps

Date: Thursday, February 11th at 9:00 - 11:00 GMT
Location: The Ritz, London, UK

DevOps helps us make better software, faster but how can we ensure we are building security into our DevOps organisation, interactions and toolchain? In this breakfast briefing our panel of DevOps experts from Ranger4 and Sonatype will consider this question and discuss practical approaches to ensure Rugged DevOps success.

more

DevNexus

DevNexus

Date: February 15 - 17th
Location: Atlanta, GA

Sonatype is a proud sponsor of DevNexus. Stop by our booth to learn more about how we're transforming development with software supply chain efficiency.

more

DevOps Days London

DevOps Days London

Date: April 19 - 20th
Location: London, UK

Sonatype is a proud sponsor of DevOps Days London.

more

QCon London

QCon London

Date: March 7 - 9th
Location: London, UK

Sonatype is a proud sponsor of QCon London. Stop by our booth to learn more about how we're transforming development with software supply chain efficiency.

more

RSA Conference

RSA Conference

Date: February 29th - March 4th
Location: Moscone Center, San Francisco, CA

Sonatype is a proud sponsor of the RSA Conference 2016. Stop by our booth to learn more about unifying DevOps ad AppSec with Software Supply Chain efficiencies.

more

Sonatype Introduces World’s First Repository Firewall: Continues to Reinvent How Quality Software is Manufactured

Nexus Firewall to Help Tens of Thousands of Enterprises Automatically Eliminate Use of Defective Open Source From the Start

Fulton, MD – December 15, 2015 – Sonatype, the leader in software supply chain automation, today released Nexus Firewall (patent pending). Nexus Firewall provides perimeter quality control for software development. Similar to a network firewall, it leverages a set of organizationally defined rules that use automation to shield an organization from obsolete or dangerous open source and other third party components from entering or exiting application development.

more

Cnn Money Unwritten Rules Of Hacking

Unwritten Rules of Hacking

Sonatype CTO Josh Corman is featured in CNN Money news segment from DefCon 2015 in Las Vegas, discussing white hat hacking as a force for good.

more

Safer Open Source Code Inside The Enterprise – Sonatype Nexus Firewall

Just in case you missed it, open source technology and the community contribution model of open software engineering has been widely validated by previously proprietary-only firms. The ‘cancer’ that was Linux is now a widespread standard across the server space… and Android has done for smartphones what sliced bread did for sandwiches i.e. it made them functional easier in some cases and often cheaper. 

more

The IoT and hackable human

Join host Dan Lamorena for this episode of Discover Performance Weekly, which features Daniel Miessler, a leading IoT expert and former practice principal with HP Enterprise Security Products; Josh Corman, CTO at Sonatype and co-founder of RuggedSoftware.org; and Paul Muller, VP of strategic marketing at HP. This is the fourth installment in a series that covers Big Data intelligence, security vs. privacy, encryption, DevOps and SecOps, and securing the Internet of Things.

more

Who let security into DevOps?

Join host Dan Lamorena for this episode of Discover Performance Weekly, featuring Daniel Miessler, a leading IoT expert and former practice principal with HP’s Enterprise Security Products; Josh Corman, CTO at Sonatype and co-founder of RuggedSoftware.org; and Paul Muller, VP of strategic marketing at Hewlett Packard. This is the last installment in a series covering Big Data intelligence, security vs. privacy, encryption, DevOps and SecOps, and securing the Internet of Things.

more
Sonatype Webinar

Webinar: Yes, A "Firewall" for Bad Binaries

On-Demand Recording

Nexus repository managers first revolutionized software builds, making them faster and more reliable. Now we are arming your repositories with supply chain intelligence and policy automation to keep the bad components out and let the good components in. No more labor intensive research and manual approval processes. Watch this on-demand recording to see Nexus Firewall live.

View now.

more
Sonatype Webinar

Webinar: Running Docker in Production? A Premium Private Registry is a Must

On-Demand Webinar

Before rolling Docker into production, users are demanding access to private registries to securely store and manage their Docker images. With private repositories, you can provide secure, role-based access controls and have a clean chain of custody to ensure what you build is what you deploy. Watch as Chris Riley, DevOps analyst at Fixate and Jeffry Hesse, Nexus product owner at Sonatype discuss the importance of having a premium private Docker registry. View now!

more
Sonatype Webinar

Webinar: Experts Share DevOps / CD Reference Architectures

On-Demand Recording

On October 1, join Dave Farley, co-author of Continuous Delivery, along with Curtis Yanko and Brian Dawson, two experienced practitioners who will share powerful stories from the front lines of managing Continuous Delivery and DevOps practices in top fortune 500 companies. Learn from their best practices for securing new investments, driving process changes, and selecting tools to support their software factories.

more

Thumb Mashable

All the cyberattacks on the U.S. government (that we know of)

Federal agencies have suffered at least a dozen major data breaches or network intrusions since 2007. Such attacks — often suspected to be state-sanctioned — are distinct from the kinds of cyber-assaults that have targeted commercial entities, such as retailers or banks. Experts say these are high-tech means toward an old-fashioned end: Espionage.

more

When Good Code Goes Bad

Milk spoils. Iron rusts. And software goes bad. Yet the difference is, with the first two, you know the change has occurred. With software, those changes are not always obvious. Unlike other industries that rely on supply from other organizations, software development has no clear way to understand when an open source or proprietary component 'part' is found to be defective.

more
Sonatype Webinar

Continuous Acceleration with a Software Supply Chain Approach

On-Demand Recording

Join Gene Kim, CTO, researcher and author of the best-selling book “The Phoenix Project” and Josh Corman, Sonatype CTO and co-founder of Rugged Software as they discuss how high performing organizations are applying proven supply chain principles to accelerate software delivery.

more
Sonatype Webinar

Strengthen Cyber Resilience with Software Supply Chain Visibility

On-Demand Recording

Our dependence on software continues to grow, powering some of our nation’s most critical infrastructure. To secure our cyber assets, we need to apply high standards to our software suppliers as well as the third party parts built into our software. Join the discussion on how open source and component-based development is driving the need for a software supply chain. Learn techniques and technologies used to vet software suppliers and known vulnerable components. Watch the on-demand recording.

more
Sonatype Webinar

Accelerating Continuous Delivery by Improving NuGet Component Management

On-Demand Recording

Use of repository managers in continuous delivery environments are shown to reduce build times 20-fold as compared to relying on public open source repositories like the NuGet Gallery. By relying on a local caching proxy for the NuGet Gallery and hosting your own proprietary NuGet packages locally, you can dramatically improve build speeds and reliability. In this session, we also show how a repository manager that integrates with NuGet helps .NET developers manage component versions, dependencies and license types using proxy facilities to ensure a continuous flow of development and faster cycle times.

more

Awards

  • Codie
  • INC 500
  • Red Herring
  • SD Times
  • NVTC
  • RSA
  • Gartner