Press Releases

Fulton, MD - July 17, 2017 - Sonatype, the leader in software supply chain automation, today announced the release of its third annual State of the Software Supply Chain Report. This year’s report highlights risks lurking within open source software components and quantifies the empirical benefits of actively managing software supply chain hygiene.

Fulton, MD - June 29, 2017 - Sonatype, a leader in software supply chain automation, today announced that it has acquired Vor Security. Ken Duck, founder and CEO of Vor will join the product and engineering team at Sonatype to continuously expand and refine the open source component intelligence service that underpins the Nexus platform.

Fulton, MD - June 20, 2017 - Sonatype, the leader in software supply chain automation, today announced that it has released a new version of Nexus Lifecycle that includes an extension to Microsoft Visual Studio, a popular integrated development environment (IDE). This new Nexus Lifecycle integration empowers millions of Visual Studio developers with direct access to Sonatype's open source intelligence engine so they can easily vet component quality and automatically ensure compliance with defined security, licensing and architectural policies such as component age or popularity.

BOSTON – RED HAT SUMMIT 2017 – May 1, 2017 – Sonatype, the leader in software supply chain automation, today announced that it has containerized and certified its Nexus Repository to run on Red Hat OpenShift Container Platform. Red Hat OpenShift Container Platform enables developers to quickly build, host, and scale applications in a cloud environment. Red Hat OpenShift Container Platform customers will now be able to deploy Nexus Repository as a solution for managing open source components and containers.

Fulton, MD – April 25, 2017 – Sonatype, the leader in software supply chain automation, today announced the financial services results of its 2017 DevSecOps Community Survey. 412 financial services IT professionals participated in the online survey conducted in February 2017, out of a total of 2,292 survey respondents.

Fulton, MD – April 25, 2017 – Sonatype, the leader in software supply chain automation, today announced the government results of its 2017 DevSecOps Community Survey. 101 public sector IT professionals participated in the online survey conducted in February 2017, out of a total of 2,292 overall survey respondents. The survey revealed that mature development organizations ensure automated security is woven into their DevOps practice early, everywhere, and at scale. Analysis of responses also found that 25% of government organizations continue to struggle with breaches, compared to 20% of all survey respondents.

Fulton, MD – April 25, 2017 – Sonatype, the leader in software supply chain automation, today announced the telecommunications results of its 2017 DevSecOps Community Survey. 160 telecommunications IT professionals participated in the online survey conducted in February 2017, out of a total of 2,292 overall survey respondents. The survey revealed that mature development organizations ensure automated security is woven into their DevOps practice early, everywhere, and at scale. Analysis of responses also found that 20% of telecom organizations continue to struggle with breaches, consistent with overall survey respondents.