Press Releases

The latest scoop on Sonatype.

Sonatype Launches Industry-First Integrated System of Record for Management of SBOMs

Sonatype's SBOM Manager is a powerful, one-stop shop for easy, cost-effective, and compliant SBOM management, monitoring, and distribution

Sonatype Introduces Cutting-Edge AI/ML Component Detection

New features transform the way AI components are managed, empowering development teams to innovate rapidly, while ensuring the highest standards of security, legal compliance, and risk management 

Sonatype Earns AWS DevOps Competency Status

Company empowers customers to implement business-critical DevOps practices with new AWS Competency and expanded AWS Marketplace offering 

November 28, 2023 – AWS re:Invent – Sonatype, the pioneer of software supply chain management, announced today that it has achieved Amazon Web Services (AWS) DevOps Competency status. This designation recognizes Sonatype’s demonstrated technical expertise and delivery of DevOps solutions on AWS, helping customers accelerate their time to market with safer open source.

Sonatype’s 9th Annual State of the Software Supply Chain Report Reveals Ways to Improve Developer, DevSecOps Efficiency

  • 96% of known-vulnerable open source downloads are still avoidable, again highlighting suboptimal consumption behaviors as the root of open source risk
  • Teams receive a 2x boost in efficiency when using better upgrade recommendations and better security data for performing dependency management

October 3, 2023 – DevOps Enterprise Summit - Las Vegas – Sonatype, the pioneer of software supply chain management, today released its 9th Annual State of the Software Supply Chain Report. This year’s report highlights alarming open source software (OSS) and software supply chain security trends, while also looking at how arming developers with better, more consistent development tools and best practices can save them and their organizations a significant amount of time and money.

Megan Lueders Joins Sonatype as Chief Marketing Officer

Respected Marketing Veteran Brings 20 Years of Experience in Driving Transformation and Growth at B2B Tech Companies

September 26, 2023 – Fulton, Md. – Sonatype, the trailblazer in software supply chain management, is pleased to announce the addition of Megan Lueders as Chief Marketing Officer. After two decades leading innovative marketing strategies at both public and private technology enterprises, Lueders will take the reins of global marketing at Sonatype to enhance market leadership, bolster brand recognition, foster customer engagement, and propel the company toward accelerated growth.

Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds

Application security leaders are more bullish than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software development

September 12, 2023 – Fulton, Md. – New research from software supply chain management company Sonatype reveals how generative AI is influencing and impacting the work of software engineers and the software development life cycle. According to the 800 developer (DevOps) and application security (SecOps) leaders surveyed, virtually all (97%) are using the technology today, with three-quarters (74%) reporting they feel pressure to use it despite identified security risks. In fact, most respondents agree that security risks are their biggest concern associated with the technology, underscoring the critical need for responsible AI adoption that will enhance both software and security. 

Sonatype Drives Intelligent Software Security with New Product Enhancements

Company Unveils Boosted Product Capabilities and Evolved Platform to Meet Continuing Demand for Software Supply Chain Security Solutions

August 21, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, has announced new product capabilities for Sonatype Repository Firewall, Sonatype Nexus Repository and Sonatype Lifecycle. Bolstering Sonatype’s industry-leading software supply chain management platform, these enhancements are designed to give organizations greater control of their software development life cycle (SDLC) while meeting the evolving needs of DevSecOps – empowering developer teams and their organizations to deliver innovative software safer, faster, and at scale.

Biden’s Cybersecurity Executive Order fuels seismic changes in software development practices, Sonatype research reveals

92% of large enterprises now maintain an SBOM or plan to implement in the next year, as Log4j and threat landscape prompt evolution in cybersecurity strategies 

August 3, 2023 – Fulton, Md. – President Biden’s Executive Order on Improving the Nation’s Cybersecurity has driven wide-scale changes in software development practices in both the UK and US in the two years since it launched, new research from software supply chain management company Sonatype has revealed. The Order, designed to bolster the U.S. response to cyberattacks and encourage greater public-private sector collaboration, primarily focused on Federal executive agencies and contractors. However, Sonatype’s findings show it has spurred industry-wide action on both sides of the Atlantic.

Rashida Hodge Joins Sonatype's Board of Directors, Bringing Innovative Leadership and AI Expertise

A pioneer in the field of artificial intelligence and emerging technologies, Hodge will help steer Sonatype's leading software supply chain management platform

July 13, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, today announced that Rashida Hodge has joined its Board of Directors. As one of the most experienced practitioners of AI deployments, Hodge’s wealth of experience in technology innovation, leadership, and emerging technologies will be an invaluable asset to Sonatype. 

Sonatype Joins AWS ISV Accelerate Program

Software Supply Chain Management Platform Helps Amazon Web Services Customers Reduce Risk, Speed Software Development 

July 7, 2023 – Fulton, Md. – Sonatype announced today that it has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS. The program helps AWS Partners drive new business by directly connecting participating ISVs with the AWS Sales organization.