Press Releases

The latest scoop on Sonatype.

Sonatype’s 9th Annual State of the Software Supply Chain Report Reveals Ways to Improve Developer, DevSecOps Efficiency

  • 96% of known-vulnerable open source downloads are still avoidable, again highlighting suboptimal consumption behaviors as the root of open source risk
  • Teams receive a 2x boost in efficiency when using better upgrade recommendations and better security data for dependency management

October 3, 2023 – DevOps Enterprise Summit - Las Vegas – Sonatype, the pioneer of software supply chain management, today released its 9th Annual State of the Software Supply Chain Report. This year’s report highlights alarming open source software (OSS) and software supply chain security trends, while also looking at how arming developers with better, more consistent development tools and best practices can save them and their organizations a significant amount of time and money.

Megan Lueders Joins Sonatype as Chief Marketing Officer

Respected Marketing Veteran Brings 20 Years of Experience in Driving Transformation and Growth at B2B Tech Companies

September 26, 2023 – Fulton, Md. – Sonatype, the trailblazer in software supply chain management, is pleased to announce the addition of Megan Lueders as Chief Marketing Officer. After two decades leading innovative marketing strategies at both public and private technology enterprises, Lueders will take the reins of global marketing at Sonatype to enhance market leadership, bolster brand recognition, foster customer engagement, and propel the company toward accelerated growth.

Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds

Application security leaders are more bullish than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software development

September 12, 2023 – Fulton, Md. – New research from software supply chain management company Sonatype reveals how generative AI is influencing and impacting the work of software engineers and the software development life cycle. According to the 800 developer (DevOps) and application security (SecOps) leaders surveyed, virtually all (97%) are using the technology today, with three-quarters (74%) reporting they feel pressure to use it despite identified security risks. In fact, most respondents agree that security risks are their biggest concern associated with the technology, underscoring the critical need for responsible AI adoption that will enhance both software and security. 

Sonatype Drives Intelligent Software Security with New Product Enhancements

Company Unveils Boosted Product Capabilities and Evolved Platform to Meet Continuing Demand for Software Supply Chain Security Solutions

August 21, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, has announced new product capabilities for Sonatype Repository Firewall, Sonatype Nexus Repository and Sonatype Lifecycle. Bolstering Sonatype’s industry-leading software supply chain management platform, these enhancements are designed to give organizations greater control of their software development life cycle (SDLC) while meeting the evolving needs of DevSecOps – empowering developer teams and their organizations to deliver innovative software safer, faster, and at scale.

Biden’s Cybersecurity Executive Order fuels seismic changes in software development practices, Sonatype research reveals

92% of large enterprises now maintain an SBOM or plan to implement in the next year, as Log4j and threat landscape prompt evolution in cybersecurity strategies 

August 3, 2023 – Fulton, Md. – President Biden’s Executive Order on Improving the Nation’s Cybersecurity has driven wide-scale changes in software development practices in both the UK and US in the two years since it launched, new research from software supply chain management company Sonatype has revealed. The Order, designed to bolster the U.S. response to cyberattacks and encourage greater public-private sector collaboration, primarily focused on Federal executive agencies and contractors. However, Sonatype’s findings show it has spurred industry-wide action on both sides of the Atlantic.

Rashida Hodge Joins Sonatype's Board of Directors, Bringing Innovative Leadership and AI Expertise

A pioneer in the field of artificial intelligence and emerging technologies, Hodge will help steer Sonatype's leading software supply chain management platform

July 13, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, today announced that Rashida Hodge has joined its Board of Directors. As one of the most experienced practitioners of AI deployments, Hodge’s wealth of experience in technology innovation, leadership, and emerging technologies will be an invaluable asset to Sonatype. 

Sonatype Joins AWS ISV Accelerate Program

Software Supply Chain Management Platform Helps Amazon Web Services Customers Reduce Risk, Speed Software Development 

July 7, 2023 – Fulton, Md. – Sonatype announced today that it has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS. The program helps AWS Partners drive new business by directly connecting participating ISVs with the AWS Sales organization.

Sonatype Repository Firewall Has Prevented More Than $1.5B in Losses from Malicious Attacks

Now Available as a SaaS-First Solution for Rapid Protection at Scale 

June 20, 2023 – Infosecurity Europe - London and Fulton, Md. – Sonatype, the pioneer of software supply chain management, has announced that Sonatype Repository Firewall has stopped more than $1.5 billion in potential losses from malicious open source attacks. Now a SaaS-first solution, it is enabling even more organizations to speed their pace of innovation while keeping their open source software (OSS) repositories and profitability secure.

Sonatype Named a Leader in Software Composition Analysis (SCA) by Independent Research Firm

Sonatype Receives the Highest Current Offering Category Score Among the 12 Most Significant SCA Providers

June 15, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, is pleased to announce that it has been recognized as a Leader in The Forrester Wave™: Software Composition Analysis, Q2 2023. Sonatype received the highest score in the current offering category in the report, which identifies the 12 most significant software composition analysis (SCA) providers, and received the highest possible scores in 16 criteria.

Sonatype Launches in AWS Marketplace

The Software Composition Analysis (SCA) Platform Is Now Available to Help AWS Customers Automate Software Supply Chain Security

June 8, 2023 – Fulton, Md. – Sonatype today announced availability in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS) – further expanding its relationship with AWS.