


Breaches increased 55%

Read how high-performing DevOps teams are using automation to reduce the risk of breaches.


Exploit time compresses 93.5%

 Discover new forms of attack on OSS components that are accelerating the need for DevSecOps practices.


Managed software supply chains are 2X more secure 

 Learn how enterprises are automating OSS governance to prevent themselves from becoming the next Equifax.

Increasing requirements for DevSecOps automation. 

Automation accelerates the demand for open source.
 In 2017, the number of download requests for Java components from the Central Repository grew 68% year over year to 87 billion. 

By August 2018, npm package downloads reached 6 billion per week — equating to a 235% increase in 16 months.

DevSecOps automation reduces OSS vulnerability risks.

Organizations automating open source governance as part of a managed software supply chain practice reduced the percentage of vulnerable components used in finished applications by 50%.

The tide of regulation and software liability is rising.

Legislation aims to address market failures by establishing minimum security requirements for federal procurement of software.

Recommendations for taking a total product lifecycle approach start at the product design phase to build in security.  

Numerous calls for requiring a software bill of materials were made in 2018.