Press Releases

Sonatype Named Technology Company of the Year by Maryland Tech Council

5/18/2018 - Sonatype, the leader in automated open source governance and DevSecOps, is proud to announce that it has been named Technology Company of the Year by the Maryland Tech Council (MTC), Maryland’s largest technology trade group.

Sonatype Nexus Delivers Advanced Staging; Further Simplifying DevOps-Native Software Development

5/15/2018 - Sonatype, the leader in automated open source governance and DevSecOps, today announced it has released Staging for version 3 of Nexus Repository Professional, giving organizations a simple, powerful, and flexible way to control how binaries, build artifacts, and release candidates move through their DevOps pipelines.

Sonatype’s Bill Karpovich to Present at the William Blair Tech Leaders 2018 Conference

5/7/2018 - Sonatype, the leader in automated open source governance and DevSecOps, announced that Sonatype SVP of Strategy and Corporate Development Bill Karpovich, will present at the William Blair Tech Leaders 2018 Conference on Thursday, May 10 in San Francisco, Calif.

DCA Live Names Sonatype’s Matt Howard to its List of Top CMOs in the DC Region for 2018

5/3/2018 -Sonatype, the leader in automated open source governance and DevSecOps, is proud to announce that its CMO, Matt Howard, has been named to DCA Live’s Top CMOs and Marketing Leaders list for 2018.

Sonatype Named IDC Innovator

4/26/2018 - Sonatype, the leader in automated open source governance and DevSecOps, is proud to announce it has been named an IDC Innovator in the agile code development market by International Data Corporation (IDC).

Sonatype Survey Reveals Massive Data Breaches are Catalysts for DevSecOps Investments

4/16/18 - Sonatype, the leader in automated open source governance and DevSecOps, today published findings from its 5th annual DevSecOps Community Survey of 2,076 IT professionals. The survey shares practitioner perspectives on evolving DevSecOps practices, shifting investments, and changing perceptions. Survey respondents with mature DevOps practices were 338% more likely to integrate automated security than organizations with no DevOps practice.

Sonatype Sales Surge 105% Year over Year in First Quarter

4/11/2018 – Sonatype, the leader in automated open source governance and DevSecOps, today announced quarterly year-over-year sales growth. Gains include:

105% increase in new sales
131% growth in the number of enterprise applications protected 24x7 by Nexus
34% increase in employees, to keep up with demand

Sonatype Contributes Nexus JavaScript Support to Open Source Community

4/02/2018 – Sonatype, the leader in open source governance and DevSecOps automation, today announced the contribution of its JavaScript support for Nexus Repository to the open source community. This is yet another step in Sonatype’s plan to contribute source code to the community for all formats currently supported in Nexus Repository.

Sonatype’s Nexus Firewall Extends DevSecOps with RubyGems and RPM Support

3/23/18 – Sonatype, the leader in open source governance and DevSecOps automation, today announced that Nexus Firewall now supports RubyGems and RPM components. By continuing to expand support for the most popular component formats, Nexus Firewall can help millions of developers automatically block vulnerable open source components from entering their DevOps pipeline.

Sonatype Nexus Named Best Open Source DevOps Tool

3/22/18 – Sonatype, the leader in open source governance and DevSecOps automation is proud to announce that Nexus Repository has been named Best Open Source DevOps Tool by Computing at the DevOps Excellence Awards 2018.

Sonatype Makes Nexus Firewall Available to 10 Million Developers

3/1/18 - Sonatype, the leader in open source governance and DevSecOps automation, today announced that Nexus Firewall is now available to support the more than 10 million developers currently using the open source version of Nexus Repository.

Sonatype CEO Wayne Jackson to Present at the JMP Securities 2018 Technology Conference

2/28/18 – Sonatype, the global leader in automated solutions for governing open source software development, announced that Sonatype CEO, Wayne Jackson, will present today at the JMP Securities Technology Conference in San Francisco, California.

Sonatype Reports Record Growth in 2017

1/16/18 Sonatype, the leader in open source governance and DevSecOps automation, today announced a record 2017. To keep pace with demand, Sonatype increased headcount by 40% over the past 12 months, fueled by significant additions to its engineering and sales organizations.

DLT and Sonatype Partner to Accelerate Secure Software Development in the Public Sector

1/08/18 DLT Solutions, an award-winning technology provider to the public sector, today announced a new partnership with Sonatype that will allow agencies to develop software quickly and securely by mitigating potential risks posed by open source and third-party components through continuous governance.

Sonatype 2017 State of the Software Supply Chain Report Reveals DevOps Practices Reduce Use of Defective Open Source Components by 63 Percent

7/17/2017 Sonatype, the leader in software supply chain automation, today announced the release of its third annual State of the Software Supply Chain Report. This year’s report highlights risks lurking within open source software components and quantifies the empirical benefits of actively managing software supply chain hygiene.

Sonatype Introduces Free Next-Generation Repository Health Check

4/19/17 - Sonatype, the leader in software supply chain automation, today released the next generation of its free Repository Health Check (RHC) feature within its flagship Nexus Repository product. As of today, all 120,000 organizations using Nexus will benefit immediately from the ability to automatically analyze the quality and security of open source software components housed within their Nexus Repository as part of their DevOps pipeline.

Sonatype Announces Secure DevOps Solution for Python Developers

4/19/17 - Sonatype, the leader in software supply chain automation, today announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter. Sonatype continues to lead the market in introducing application security technology at the earliest possible phase of the software development lifecycle for DevOps practices.

Sonatype Nexus Launches into Mesosphere DC/OS

4/18/17 - Sonatype, the leader in software supply chain automation, today announced that its Nexus Repository has received certification to run in Mesosphere DC/OS environments. Nexus Repository is the first to offer DC/OS users a free, private registry for Docker containers in addition to enterprise-scale artifact management for the most popular development languages. Nexus Repository offers the best way to organize, store, and distribute software components critical to DevOps and CI/CD toolchains.

New DevOps Research From Sonatype Reveals Changing Attitudes Toward Application Security

3/21/17 – Sonatype, the leader in software supply chain automation, today announced the results of its 2017 DevSecOps Community Survey. 2,292 IT professionals participated in the online survey conducted in February 2017. The survey revealed that mature development organizations ensure automated security is woven into their DevOps practice, early, everywhere, and at scale. Analysis of responses also found that IT organizations continue to struggle with breaches as nearly a 50% increase was recorded between Sonatype’s 2014 and 2017 survey.

Sonatype Announces 300% Growth in Use of Nexus Repository Manager

1/18/17 – Sonatype, the leader in software supply chain automation, today announced 300 percent growth in the use of Nexus Repository over the past three years. During this period, the number of active instances of Nexus Repository grew from 30,000 to 120,000 spurred by the introduction of Nexus Repository v3, universal support for component formats, and growing concern among enterprises about security vulnerabilities in open source components and containers.

Sonatype Adds Automated Container Analysis to Nexus Lifecycle

12/7/16 - Sonatype, the leader in software supply chain automation, today announced that it has incorporated Lifecycle Container Analysis (LCA) into its popular Nexus Lifecycle solution for automating the flow of components through modern software supply chains. Modern development teams can now automatically examine the quality and security of application components within containers moving through their DevOps pipeline.

Sonatype Named to Deloitte Technology Fast 500 for 2016

11/16/16 - Sonatype, the leader in software supply chain automation, has been ranked number 313 on the Deloitte Technology Fast 500 list for 2016. The Deloitte Technology Fast 500 is an annual ranking of the fastest growing North American companies in the technology, media, telecommunications, life sciences, and energy tech industries. This accolade comes on the heels of the company achieving record revenue and customer growth in the first half of 2016.

Sonatype Announces Nexus Repository Pro with High Availability and Software Component Analysis Built-in

9/14/16 - Sonatype, the leader in software supply chain automation, today introduced the latest version of Nexus Repository Pro. The 3.2 version of Nexus Repository Pro will include built-in support for active-active high availability configurations and enhanced security and license analysis for open source components. Sonatype has also expanded Nexus Repository’s free, universal component support to include PyPI and RubyGems.

Sonatype Releases 2016 State of the Software Supply Chain Report

7/11/16 - Sonatype, the leader in software supply chain automation, today announced the release of its second annual State of the Software Supply Chain report. Based on the analysis of 31 billion download requests of open source software components from the Central Repository, which is managed by Sonatype, the report provides insight into the software supply chain practices from 3,000 development organizations and also includes software component analysis of 25,000 applications.

Sonatype Strengthens Continuous Delivery with New Atlassian Integrations

6/2/16– Sonatype, the leader in software supply chain automation, today announced new integrations with Atlassian’s product portfolio to better support Continuous Delivery and DevOps practices. Following up on its previous integrations with Atlassian’s Bamboo and HipChat products, Sonatype is announcing four Nexus integrations with Atlassian products...

Sonatype Releases Nexus Repository Manager 3.0

4/12/16 - Sonatype, the leader in software supply chain automation, today released the latest version of Nexus Repository, adding free support for seven of the most popular software component types. Additionally, Sonatype announced that Nexus Repository has now surpassed 100,000 active installations, including a majority of the Fortune 100, and continues to experience massive growth in usage. Over the last three years, active Nexus Repository installations grew 240%.

Software Supply Chain Pioneer Sonatype Completes $30 Million Financing Led By Goldman Sachs

2/4/16 - Sonatype, the company dedicated to helping deliver higher quality software even faster, today announced the completion of a $30 million equity and debt financing led by Goldman Sachs’ Principal Strategic Investments Group, with all current investors participating in the round. The investment will be used to accelerate sales, marketing, product development, and international market opportunities.

Sonatype Introduces World’s First Repository Firewall: Continues to Reinvent How Quality Software is Manufactured

12/15/15 - Sonatype, the leader in software supply chain automation, today released Nexus Firewall (patent pending). Nexus Firewall provides perimeter quality control for software development. Similar to a network firewall, it leverages a set of organizationally defined rules that use automation to shield an organization from obsolete or dangerous open source and other third party components from entering or exiting application development.

Study of 106,000 Software Development Organizations Reveals That The Way the World Creates Software is Broken

6/17/15 - Sonatype today released the results of an extensive study of the software development practices of 106,000 organizations representing 17 billion requests for open source and third party software components from the Central Repository in 2014 alone. The study revealed that the way the world creates software is broken – with 23% of the components in the average software application containing known vulnerabilities.

Sonatype Unveils the Nexus Platform, Unlocking Developers’ Time to Focus on Innovation vs. Maintenance and Rework

6/15/15 - Sonatype today introduced the Nexus software platform designed to help IT organizations deliver higher quality software, even faster. The new Nexus software platform integrates the market leading Nexus repository managers, Sonatype’s software formerly known as Component Lifecycle Management (CLM), as well as many new capabilities.

Sonatype’s Nexus Repository Manager Installs Double in Last 18 Months, Reinforcing Dominant Market Share Position

2/26/15 - Sonatype, the Nexus company and a continuous delivery leader, today announced that its Nexus repository manager usage has doubled in the last 18 months (July 2013 to February 2015.) With five times more installs than any other repository manager, Nexus continues to be the industry standard for accelerating continuous software delivery and DevOps.

US Congress Intervenes to Address Cyber Security Crisis with Software Supply Chain Focus

12/10/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a free Application Health Check to immediately alert federal agencies and software suppliers about known vulnerable open source components and where they exist within an application.

Sonatype’s New Software Release Determines OSS Risk and Provides Immediate Path to Resolution

11/17/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today released a new version of its Component Lifecycle Management (CLM) software. An industry first, developers can now avoid security risks without missing business-critical delivery deadlines.

Sonatype Brings NuGet Component Management to .NET Developer Community

10/1/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today announced free NuGet package support through its open source component manager – Nexus OSS. As developers are consuming an ever-increasing number of open source components -- now approaching 250 million downloads annually – the .NET community is seeking to improve build performance and stability through the use of component managers. This trend mirrors the evolution in the Java development environments where there are 13 billion open source component download requests managed annually. More than 40,000 organizations and teams seeking to improve their open source development performance and security have turned to Sonatype’s Nexus component managers -- all of which can now leverage available NuGet support.

Over 370 Organizations Report Confirmed or Suspected Open Source Breaches in Past 12 Months According to Sonatype Survey

7/22/14 - Three out of four organizations that build software applications either have failed to adopt policies to prevent the use of vulnerable software components or have neglected to ban even a single component to enforce existing policies, according to a new survey sponsored by venture capital firm New Enterprise Associates, Inc. (NEA) and software supply chain management company Sonatype. In the survey 3 out of 10 respondents actually admitted they either had or suspect a breach was caused by an open source component within the last 12 months.

80 Percent of the Largest US and European Banks Deploy Sonatype to Address Growing Software Security Threat

4/22/14 - Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, continues to find its software in high demand. The company credits this momentum to an increasing awareness of the urgent need to address the risks associated with flawed open source components being used in millions of mission-critical software applications.

The latest scoop on Sonatype.

Ready to try Nexus Products?