Press Releases

The latest scoop on Sonatype.

Sonatype SBOM Manager Prepares Enterprises for Rapid, Reliable Compliance at Scale

Industry’s first Enterprise SBOM Manager solution takes the uncertainty out of SBOM collection, monitoring, and compliance

Sonatype Announces Integration with ServiceNow to Streamline Software Composition Analysis

New collaboration enables ServiceNow customers to integrate Sonatype Lifecycle for faster, more efficient remediation of open source application vulnerabilities

Sonatype Uncovers Millions of Previously Hidden Open Source Vulnerabilities Through Unique Shaded Vulnerability Detection System

Discovery underscores the importance of accuracy, prioritization, and effective recommendations so that developers can deliver essential innovations while also building secure, high quality, maintainable software

Sonatype Launches Industry-First Integrated System of Record for Management of SBOMs

Sonatype's SBOM Manager is a powerful, one-stop shop for easy, cost-effective, and compliant SBOM management, monitoring, and distribution

Sonatype Introduces Cutting-Edge AI/ML Component Detection

New features transform the way AI components are managed, empowering development teams to innovate rapidly, while ensuring the highest standards of security, legal compliance, and risk management 

Sonatype Earns AWS DevOps Competency Status

Company empowers customers to implement business-critical DevOps practices with new AWS Competency and expanded AWS Marketplace offering 

November 28, 2023 – AWS re:Invent – Sonatype, the pioneer of software supply chain management, announced today that it has achieved Amazon Web Services (AWS) DevOps Competency status. This designation recognizes Sonatype’s demonstrated technical expertise and delivery of DevOps solutions on AWS, helping customers accelerate their time to market with safer open source.

Sonatype’s 9th Annual State of the Software Supply Chain Report Reveals Ways to Improve Developer, DevSecOps Efficiency

  • 96% of known-vulnerable open source downloads are still avoidable, again highlighting suboptimal consumption behaviors as the root of open source risk
  • Teams receive a 2x boost in efficiency when using better upgrade recommendations and better security data for dependency management

October 3, 2023 – DevOps Enterprise Summit - Las Vegas – Sonatype, the pioneer of software supply chain management, today released its 9th Annual State of the Software Supply Chain Report. This year’s report highlights alarming open source software (OSS) and software supply chain security trends, while also looking at how arming developers with better, more consistent development tools and best practices can save them and their organizations a significant amount of time and money.

Megan Lueders Joins Sonatype as Chief Marketing Officer

Respected Marketing Veteran Brings 20 Years of Experience in Driving Transformation and Growth at B2B Tech Companies

September 26, 2023 – Fulton, Md. – Sonatype, the trailblazer in software supply chain management, is pleased to announce the addition of Megan Lueders as Chief Marketing Officer. After two decades leading innovative marketing strategies at both public and private technology enterprises, Lueders will take the reins of global marketing at Sonatype to enhance market leadership, bolster brand recognition, foster customer engagement, and propel the company toward accelerated growth.

Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds

Application security leaders are more bullish than developer leaders on generative AI, though both agree it will lead to more pervasive security vulnerabilities in software development

September 12, 2023 – Fulton, Md. – New research from software supply chain management company Sonatype reveals how generative AI is influencing and impacting the work of software engineers and the software development life cycle. According to the 800 developer (DevOps) and application security (SecOps) leaders surveyed, virtually all (97%) are using the technology today, with three-quarters (74%) reporting they feel pressure to use it despite identified security risks. In fact, most respondents agree that security risks are their biggest concern associated with the technology, underscoring the critical need for responsible AI adoption that will enhance both software and security. 

Sonatype Drives Intelligent Software Security with New Product Enhancements

Company Unveils Boosted Product Capabilities and Evolved Platform to Meet Continuing Demand for Software Supply Chain Security Solutions

August 21, 2023 – Fulton, Md. – Sonatype, the pioneer of software supply chain management, has announced new product capabilities for Sonatype Repository Firewall, Sonatype Nexus Repository and Sonatype Lifecycle. Bolstering Sonatype’s industry-leading software supply chain management platform, these enhancements are designed to give organizations greater control of their software development life cycle (SDLC) while meeting the evolving needs of DevSecOps – empowering developer teams and their organizations to deliver innovative software safer, faster, and at scale.