Sonatype’s Nexus Lifecycle Measures the Performance of Better, Faster DevOps


Software development teams automating open source component governance improve application quality by 63%

Fulton, MD – August 10, 2017 – Sonatype, the leader in software supply chain automation, today announced support of new application quality and ROI metrics within its Nexus Lifecycle solution. The new feature, known as Success Metrics, enables DevOps teams to quickly assess and measure the efficacy of their automated open source governance programs.

According to Sonatype’s 2017 State of the Software Supply Chain report, DevOps organizations actively managing the quality of open source components flowing into production applications are reducing the use of defective open source components by 63%. While DevOps practices help teams significantly reduce defects, measuring the speed of remediation is also critical to supporting expanded investments in automation.

Each month, Sonatype customers analyze more than 650,000 applications to assess the security, license, and architectural quality associated with open source, third-party, and proprietary components used in development. Success Metrics now enables Sonatype customers to measure the number of defective components used in applications across their organization and then tracks their mean time to remediation.

Success Metrics is designed to empower teams with empirical evidence of business value and facilitate further investments in DevOps automation. DevOps teams can also use feedback from Success Metrics to improve the hygiene of their applications and the processes that deliver them.

Supporting Quotes

Wayne Jackson, CEO, Sonatype

“We live in an age where innovation is king, speed is critical, and open source is center stage. Today, components of varying quality are flowing through development lifecycles and landing in production applications. The best software will be built by those organizations who harness software supply chain automation practices to not only improve the quality of their applications but accelerate their ability to identify and remediate defects.”

Diego Lo Giudice, VP and Principal Analyst, Forrester

Use DevOps and Supply Chain Principles to Automate Application Delivery Governance (November 2016)

“Ultimately, companies are most concerned with whether their application delivery efforts are winning, serving, and retaining customers and furthering their business technology agenda. Analytical data about customer usage and experience coupled with operational measures of performance, reliability, scalability, and security gives these organizations the means to measure success and improve future performance.”

About Sonatype

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered componentized software development and has a rich history of supporting open source innovation. Today, more than 120,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures, Bay Partners and Goldman Sachs. Learn more at

Media Contact

Jennifer Edgerly
SpeakerBox Communications for Sonatype