Press Releases

Sonatype 2017 State of the Software Supply Chain Report Reveals DevOps Practices Reduce Use of Defective Open Source Components by 63 Percent

7/17/2017 Sonatype, the leader in software supply chain automation, today announced the release of its third annual State of the Software Supply Chain Report. This year’s report highlights risks lurking within open source software components and quantifies the empirical benefits of actively managing software supply chain hygiene.

Sonatype Introduces Free Next-Generation Repository Health Check

4/19/17 - Sonatype, the leader in software supply chain automation, today released the next generation of its free Repository Health Check (RHC) feature within its flagship Nexus Repository product. As of today, all 120,000 organizations using Nexus will benefit immediately from the ability to automatically analyze the quality and security of open source software components housed within their Nexus Repository as part of their DevOps pipeline.

Sonatype Announces Secure DevOps Solution for Python Developers

4/19/17 - Sonatype, the leader in software supply chain automation, today announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter. Sonatype continues to lead the market in introducing application security technology at the earliest possible phase of the software development lifecycle for DevOps practices.

Sonatype Nexus Launches into Mesosphere DC/OS

4/18/17 - Sonatype, the leader in software supply chain automation, today announced that its Nexus Repository has received certification to run in Mesosphere DC/OS environments. Nexus Repository is the first to offer DC/OS users a free, private registry for Docker containers in addition to enterprise-scale artifact management for the most popular development languages. Nexus Repository offers the best way to organize, store, and distribute software components critical to DevOps and CI/CD toolchains.

New DevOps Research From Sonatype Reveals Changing Attitudes Toward Application Security

3/21/17 – Sonatype, the leader in software supply chain automation, today announced the results of its 2017 DevSecOps Community Survey. 2,292 IT professionals participated in the online survey conducted in February 2017. The survey revealed that mature development organizations ensure automated security is woven into their DevOps practice, early, everywhere, and at scale. Analysis of responses also found that IT organizations continue to struggle with breaches as nearly a 50% increase was recorded between Sonatype’s 2014 and 2017 survey.

Sonatype Announces 300% Growth in Use of Nexus Repository Manager

1/18/17 – Sonatype, the leader in software supply chain automation, today announced 300 percent growth in the use of Nexus Repository over the past three years. During this period, the number of active instances of Nexus Repository grew from 30,000 to 120,000 spurred by the introduction of Nexus Repository v3, universal support for component formats, and growing concern among enterprises about security vulnerabilities in open source components and containers.

Sonatype Adds Automated Container Analysis to Nexus Lifecycle

12/7/16 - Sonatype, the leader in software supply chain automation, today announced that it has incorporated Lifecycle Container Analysis (LCA) into its popular Nexus Lifecycle solution for automating the flow of components through modern software supply chains. Modern development teams can now automatically examine the quality and security of application components within containers moving through their DevOps pipeline.

Sonatype Named to Deloitte Technology Fast 500 for 2016

11/16/16 - Sonatype, the leader in software supply chain automation, has been ranked number 313 on the Deloitte Technology Fast 500 list for 2016. The Deloitte Technology Fast 500 is an annual ranking of the fastest growing North American companies in the technology, media, telecommunications, life sciences, and energy tech industries. This accolade comes on the heels of the company achieving record revenue and customer growth in the first half of 2016.

Sonatype Announces Nexus Repository Pro with High Availability and Software Component Analysis Built-in

9/14/16 - Sonatype, the leader in software supply chain automation, today introduced the latest version of Nexus Repository Pro. The 3.2 version of Nexus Repository Pro will include built-in support for active-active high availability configurations and enhanced security and license analysis for open source components. Sonatype has also expanded Nexus Repository’s free, universal component support to include PyPI and RubyGems.

Sonatype Releases 2016 State of the Software Supply Chain Report

7/11/16 - Sonatype, the leader in software supply chain automation, today announced the release of its second annual State of the Software Supply Chain report. Based on the analysis of 31 billion download requests of open source software components from the Central Repository, which is managed by Sonatype, the report provides insight into the software supply chain practices from 3,000 development organizations and also includes software component analysis of 25,000 applications.

Sonatype Strengthens Continuous Delivery with New Atlassian Integrations

6/2/16– Sonatype, the leader in software supply chain automation, today announced new integrations with Atlassian’s product portfolio to better support Continuous Delivery and DevOps practices. Following up on its previous integrations with Atlassian’s Bamboo and HipChat products, Sonatype is announcing four Nexus integrations with Atlassian products...

Sonatype Releases Nexus Repository Manager 3.0

4/12/16 - Sonatype, the leader in software supply chain automation, today released the latest version of Nexus Repository, adding free support for seven of the most popular software component types. Additionally, Sonatype announced that Nexus Repository has now surpassed 100,000 active installations, including a majority of the Fortune 100, and continues to experience massive growth in usage. Over the last three years, active Nexus Repository installations grew 240%.

Software Supply Chain Pioneer Sonatype Completes $30 Million Financing Led By Goldman Sachs

2/4/16 - Sonatype, the company dedicated to helping deliver higher quality software even faster, today announced the completion of a $30 million equity and debt financing led by Goldman Sachs’ Principal Strategic Investments Group, with all current investors participating in the round. The investment will be used to accelerate sales, marketing, product development, and international market opportunities.

Sonatype Introduces World’s First Repository Firewall: Continues to Reinvent How Quality Software is Manufactured

12/15/15 - Sonatype, the leader in software supply chain automation, today released Nexus Firewall (patent pending). Nexus Firewall provides perimeter quality control for software development. Similar to a network firewall, it leverages a set of organizationally defined rules that use automation to shield an organization from obsolete or dangerous open source and other third party components from entering or exiting application development.

Study of 106,000 Software Development Organizations Reveals That The Way the World Creates Software is Broken

6/17/15 - Sonatype today released the results of an extensive study of the software development practices of 106,000 organizations representing 17 billion requests for open source and third party software components from the Central Repository in 2014 alone. The study revealed that the way the world creates software is broken – with 23% of the components in the average software application containing known vulnerabilities.

Sonatype Unveils the Nexus Platform, Unlocking Developers’ Time to Focus on Innovation vs. Maintenance and Rework

6/15/15 - Sonatype today introduced the Nexus software platform designed to help IT organizations deliver higher quality software, even faster. The new Nexus software platform integrates the market leading Nexus repository managers, Sonatype’s software formerly known as Component Lifecycle Management (CLM), as well as many new capabilities.

Sonatype’s Nexus Repository Manager Installs Double in Last 18 Months, Reinforcing Dominant Market Share Position

2/26/15 - Sonatype, the Nexus company and a continuous delivery leader, today announced that its Nexus repository manager usage has doubled in the last 18 months (July 2013 to February 2015.) With five times more installs than any other repository manager, Nexus continues to be the industry standard for accelerating continuous software delivery and DevOps.

US Congress Intervenes to Address Cyber Security Crisis with Software Supply Chain Focus

12/10/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a free Application Health Check to immediately alert federal agencies and software suppliers about known vulnerable open source components and where they exist within an application.

Sonatype’s New Software Release Determines OSS Risk and Provides Immediate Path to Resolution

11/17/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a new version of its Component Lifecycle Management (CLM) software. An industry first, developers can now avoid security risks without missing business-critical delivery deadlines.

Sonatype Brings NuGet Component Management to .NET Developer Community

10/1/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today announced free NuGet package support through its open source component manager – Nexus OSS. As developers are consuming an ever-increasing number of open source components -- now approaching 250 million downloads annually – the .NET community is seeking to improve build performance and stability through the use of component managers. This trend mirrors the evolution in the Java development environments where there are 13 billion open source component download requests managed annually. More than 40,000 organizations and teams seeking to improve their open source development performance and security have turned to Sonatype’s Nexus component managers -- all of which can now leverage available NuGet support.

Over 370 Organizations Report Confirmed or Suspected Open Source Breaches in Past 12 Months According to Sonatype Survey

7/22/14 - Three out of four organizations that build software applications either have failed to adopt policies to prevent the use of vulnerable software components or have neglected to ban even a single component to enforce existing policies, according to a new survey sponsored by venture capital firm New Enterprise Associates, Inc. (NEA) and software supply chain management company Sonatype. In the survey 3 out of 10 respondents actually admitted they either had or suspect a breach was caused by an open source component within the last 12 months.

80 Percent of the Largest US and European Banks Deploy Sonatype to Address Growing Software Security Threat

4/22/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, continues to find its software in high demand. The company credits this momentum to an increasing awareness of the urgent need to address the risks associated with flawed open source components being used in millions of mission-critical software applications.

The latest scoop on Sonatype.

Ready to try Nexus Products?