Sonatype Delivers Premium Open Source Controls to GitHub | Press Release


Press Releases

The latest scoop on Sonatype.

 

Vista Equity Partners Acquires Majority Interest in DevOps Leader Sonatype

Partnership to Accelerate Global Growth and Innovation for Automating Open Source Governance and Software Supply Chain Hygiene

FULTON, MD - November 18, 2019 - Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced it has signed a definitive agreement to receive a majority investment from Vista Equity Partners (“Vista”), a leading investment firm focused on empowering and growing enterprise software, data and technology-enabled companies that are reinventing industries and catalyzing change. The partnership with Vista will allow Sonatype to further fast-track growth and enhance its Nexus product portfolio. Several of Sonatype’s existing investors will retain a stake in the company.

Sonatype Delivers Premium Open Source Controls to GitHub Users

New Integrations Deliver Enterprise-Grade Open Source Governance and Dependency Management to Millions of GitHub Developers

San Francisco - GitHub Universe – Tuesday, Nov. 12, 2019Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced new integrations that strengthen GitHub with premium open source governance and dependency management controls.

Sonatype Partners with All Day DevOps to help Educate More Than 36,000 IT Professionals

The 2019 event has garnered the largest audience yet to participate in 24 hour conference starting at 3 am ET on November 6 

McLean, Va -- Nov. 5, 2019 - Sonatype, the company that scales DevOps through open source governance and software supply chain automation, has partnered with All Day DevOps, the largest conference in the world dedicated to sharing DevOps best practices, on its fourth annual event, streams live for 24 hours starting at 8:00 am GMT on Nov 6, 2019 (3:00 am ET). 

Sonatype’s Nexus Repository Manager Expands OSS Coverage, Sees 40% YoY User Growth

Support for CocoaPods, Conda and APT accelerates development and enables improved binary management

Fulton, MDFriday, Oct. 25, 2019Sonatype, the inventors of software supply chain automation, today announced its popular Nexus Repository Manager (NXRM) now includes support for CocoaPods, Conda and APT (Advanced Package Tool) proxy repositories. This additional coverage is part of a concerted effort to accelerate development for support of new formats, ensuring NXRM continues to enable users to universally manage software libraries and build artifacts. The Nexus Platform now supports 42 languages and packages. 

This news also comes on the heels of 40% year-over-year growth in number of users across NXRM professional and OSS versions, highlighting its position as the defacto standard within DevOps toolchains worldwide. 

Sonatype Delivers First of its Kind, Automated Malware Prevention for Open Source Libraries

Nexus Intelligence research engine now automatically detects counterfeit and malicious code injections into open source software supply chains

Fulton, MD – Tuesday, Sept. 24, 2019 –Today, Sonatype, the inventors of software supply chain automation, announced it has developed new early warning capabilities to detect malicious releases of open source components, known as “counterfeit components,” and block their use within modern software factories. The patent-pending technology, part of the next generation of Sonatype’s Nexus Intelligence, monitors millions of open source projects in real-time to identify abnormal development behavior and suspicious patterns as new component versions are released.

Micro Focus Bolsters Strategic Partnership with Sonatype, Brings Best-in-Class Open Source Security to All Fortify Customers

New Joint Solution Delivers a Single, Fully Integrated Application Security Platform for Managing Open Source Risk and Vulnerabilities for Fortify on Demand and Fortify On-Premise

SANTA CLARA, CA -- Sept. 9, 2019 – Micro Focus (LSE: MCRO; NYSE: MFGP) today announced an expanded strategic partnership with Sonatype to provide the combined power of Micro Focus' application security as a service, Fortify, and Sonatype's leading automated open source governance solution, to even more customers. The new relationship, which promotes Sonatype as Fortify's preferred Software Composition Analysis (SCA) partner, delivers the advantages of a single, fully integrated application security platform, without compromising depth and capability in managing open source risk and vulnerabilities.

Sonatype Goes Long with Go: Delivers Fully Automated Security Solution for Fast Growing Programming Language

The Nexus Platform now enables Go development teams to automatically control open source risk across the entire software development lifecycle

SAN DIEGO – GopherCon - July 24, 2019 -- Today, Sonatype, the inventors of software supply chain automation, announced full support for Go (Golang) across the Nexus Platform, giving Go development teams an easy way to manage Go packages and automatically eliminate security risk across the entire software development lifecycle, including production applications.  With the addition of Go, the Nexus Platform now supports 42 programming languages and package formats, further meeting the diverse needs of enterprise development teams. 

2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 Open Source Software Development Teams

An additional study of 12,000 commercial software engineering teams identified key characteristics of exemplary secure coding practices

LONDON – DevOps Enterprise Summit - June 25, 2019 -- Sonatype today released its fifth annual State of the Software Supply Chain Report. This year’s report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it also examines the rapidly expanding supply and continued exponential growth in consumption of open source components.

Sonatype’s Nexus User Conference to Bring 2,000 DevSecOps Leaders Together for Free, Live Streamed Event

The June 12 Conference Features 44 Nexus Innovators, Customers and Industry Leaders

Fulton, MD – June 10, 2019 -- Sonatype, the inventors of software supply chain automation, will host its second annual Nexus User Conference on June 12, 2019. The free, live, and online event will bring together more than 2,000 DevOps and DevSecOps practitioners to galvanize the industry and share actionable insights, technical how-to’s, and first-hand stories about DevSecOps transformations.

Sonatype Debuts New Capabilities for Red Hat Quay, Offers Users Continuous Container Security for Open Source

BOSTON - Red Hat Summit – May 7, 2019 - Sonatype, the inventors of software supply chain automation, announced new capabilities for Red Hat Quay enterprise container registry enabling modern organizations to automate and enforce open source governance policies in the containerized applications they use every day.