Press Releases

Wiesbaden, Germany – January 19, 2021 - Sonatype, a leader in open source security and license compliance management, announced today a partnership with SVA, one of Germany’s leading system integrators, to help enterprise customers easily detect open source vulnerabilities that already exist or are actively being ingested into their repositories.

With the Sonatype Nexus Platform, Cigniti now helps customers shift left and automate open source security at every stage of the software development lifecycle

LONDON –Jan. 6, 2020 - Cigniti Technologies, a global leader in independent quality engineering and software testing services, today announced a partnership with Sonatype, the company that scales DevOps through open source governance and software supply chain automation, to help enterprise customers innovate faster and easily mitigate security risk inherent in open source. 

As cloud transformations accelerate, Eficode makes shifting security left even easier by offering the Sonatype Nexus platform as part of its Eficode ROOT DevOps platform

Helsinki, Finland -- Thursday, Dec. 10, 2020 -- Eficode, Europe’s leading DevOps company, announced an expanded partnership with Sonatype, the leading provider of innovation-friendly open source security tools, to include management, hosting and licensing. This enables Eficode customers to have premium software composition analysis (SCA) and access to Sonatype unrivaled, in-depth open source intelligence and policy engine as a managed service and in the cloud, through the Eficode ROOT DevOps platform. 

Proven Industry Leader Jon Mellon Joins Sonatype to Expand the Sonatype Partner Ecosystem,  Accelerate Growth,  and Enhance Customer Engagement Globally 

Fulton, MD – Tuesday, Dec. 8, 2020 -- Sonatype, the leading provider of innovation-friendly open source security tools, today announced the appointment of a key addition to its executive management team, Jon Mellon, who joins the company in the newly created role of Chief Revenue Officer. With 10 million developers already relying on Sonatype to help them develop safer, software faster, and strong growth projected heading into 2021, the company is preparing for the next phase of rapid expansion with this addition. 

LONDON – December 01, 2020 -- Adaptavist, a digital transformation leader, today announced it has joined the Sonatype partner programme as a Platinum Enterprise Partner. The strategic partnership allows Adaptavist to offer improved application development security features to accelerate enterprise company’s go-to-market plans.

Innovative solution empowers developers to deliver secure applications and automatically help them configure secure and policy compliant cloud infrastructure

Fulton, MD and Frederick, MD – Thursday, Nov. 12, 2020 - Sonatype, the leading provider of innovation-friendly open source security tools, today announced a strategic partnership with Fugue, the company putting engineers in command of cloud security, to deliver the first infrastructure-as-code (IaC) solution that shifts cloud security left into the developer workflow. The partnership further advances the missions of Sonatype and Fugue to empower software developers with best-in-class tools so they can accelerate innovation and simultaneously improve application security, cloud infrastructure security, and continuous compliance with defined policy.

New Integration Provides Additional Open Source Vulnerability Identification and Remediation Capabilities to Tidelift Customers

BOSTON, Mass. – October 29, 2020 - Tidelift, the largest provider of commercial support and maintenance for the community-led open source behind modern applications, and Sonatype, a leading provider of open source intelligence, today announced that Tidelift has integrated Sonatype’s OSS Index data into the Tidelift Subscription to help developers more quickly identify and remediate security vulnerabilities in open source packages and libraries managed by Tidelift.

Nexus Lifecycle and Nexus Repository Now Meet Rigid Security and Compliance Standards Set by the United States Department of Defense

Fulton, MD – Thursday, Oct. 8, 2020 - Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced Nexus Lifecycle and Nexus Repository have been accepted into the Department of Defense’s (DoD) Platform One approved application portal. A fortified version of the Nexus Platform was released that meets DoD specifications for security - one of the most demanding certifications. 

Advanced Development Pack harnesses first-of-its-kind intelligence to help teams improve code quality, minimize breaking changes, and integrate next-gen security.

Fulton, MD – Wednesday, Oct. 7, 2020 — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today unveils its breakthrough Advanced Development Pack that fundamentally changes how teams manage code dependencies. Designed after studying development and cybersecurity hygiene practices across 30,000 software teams, this new offering available to Nexus Lifecycle customers, ensures developers select the highest quality OSS components that are used to build 90% of a modern application.

New Integration Provides Enterprise-Grade Policy Control for Containers Directly in Nexus Lifecycle

Fulton, MD – Wednesday, Sept. 16, 2020 - Sonatype, the company that scales DevOps through open source governance and software supply chain automation, and NeuVector, the leader in full lifecycle container security, today announced a new integration that provides a comprehensive view of all Kubernetes and Container open source risk in one place.