Sonatype Reports 78% Year-Over-Year Growth


Equifax and GDPR accelerate global demand for managed software supply chains in Q3.

Fulton, MD – October 18, 2017 — Sonatype, the leader in software supply chain automation, today announced continued growth across every aspect of its Nexus software business. Comparing Q3 year-over-year results, Sonatype reported:

  • 78% growth in total annual contract value (ACV) sold
  • 200% increase in Nexus Lifecycle utilization to 720,000 applications per month
  • 60% increase in active users of Nexus Repository Manager to 1.8 million developers

Sonatype also reported a strong 119% net dollar retention rate (DRR). The company attributes its global growth to customer adoption of automated open source governance in DevOps processes, a desire to comply with the impending General Data Protection Regulation (GDPR), and an urgency among IT leaders to avoid Equifax-like breaches.

“Software runs the things that run our world, and recent high-profile breaches like the one at Equifax are serving as a wake-up call for all organizations, many of which suffer from poor software development hygiene,” said Wayne Jackson, CEO of Sonatype. “Our performance over the last 12 months is a testament to the growing realization from developers to the C-suite of a need to embrace DevSecOps automation early and everywhere across the SDLC.”

According to Gartner analysts Neil MacDonald and Ian Head in the October 2017 report 10 Things to Get Right for Successful DevSecOps, “By 2019, more than 70% of enterprise DevSecOps initiatives will have incorporated automated security vulnerability and configuration scanning for open-source components and commercial packages, up from less than 10% in 2016.”

Earlier this year, the company announced the acquisition of Vor Security to expand language coverage across open source ecosystems and further strengthen the Nexus platform. The company also added management talent with Letitia Long and Steve Hills joining the board of directors and Bill Karpovich joining as SVP of strategy and corporate development.

About Sonatype

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered componentized software development and has a rich history of supporting open source innovation. Today, more than 150,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures, Bay Partners and Goldman Sachs. Learn more at

Media Contact
Katie Hanusik, 703-287-7824