Skip Navigation

Press Releases

The latest scoop on Sonatype.

Sonatype Launches Industry's First ‘Run Anywhere’ Platform for Software Supply Chain Management

The addition of cloud to on-premises and fully disconnected deployment options make it the most versatile software composition analysis and application security testing solution available

February 1, 2023 -- Seattle, Wash. -- CloudNativeSecurityCon -- Sonatype, the pioneer of software supply chain management, has made it easier than ever for developer and security teams to unite and build innovative software securely with the announcement of new cloud offerings. With these additions, Sonatype becomes the only Application Security Testing (AST) and Software Composition Analysis (SCA) tool available that offers Cloud, Self-Hosted, and Disconnected deployment options - giving maximum control and flexibility to its customers.

Commerzbank AG, ABN Amro Bank NV, Instinet, and Fiserv Win 2022 Sonatype Elevate Awards

Winners represent the bold innovators and fearless experimenters transforming software supply chain management

December 8, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, today announced Commerzbank AG, ABN Amro Bank NV, and Instinet were among those recognized as innovators at the company’s 2022 Elevate Awards. The annual Sonatype Elevate Awards celebrate leading organizations and teams that are driving innovation and delivering remarkable results throughout the software development lifecycle. 

Sonatype Names Finalists for 2022 Elevate Awards

16 Organizations Recognized for Driving Innovation and Delivering Remarkable Results Through Software Development Lifecycle

November 29, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, today announced today announced the finalists of the 2022 Elevate Awards. The annual Elevate Awards celebrate leading organizations and teams that are bold innovators and fearless experimenters transforming software supply chain management.

Sonatype Wins Multiple Awards for Product Excellence and Innovation

Company Recognized as 2022 Frost & Sullivan Technology Innovation Leader, NVTC Cyber Company of the Year

November 3, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, today announced that it has been recognized as a leading enterprise security solution by multiple industry sources.

Sonatype and CyberRes Fortify Expand Partnership to Provide Complete Application Security Solution

Expanded and Revitalized Solution Set Brings Greater Opportunities for Customers 

October 26, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, today announced an expanded strategic partnership with CyberRes™, a Micro Focus® line of business, to provide organizations with a complete open source and application security solution.

Sonatype’s 8th Annual State of the Software Supply Chain Report Finds 96% of Known-Vulnerable Open Source Downloads Are Avoidable

New Data Shows 1.2 Billion Known-Vulnerable Java Dependencies Are Consumed Each Month, Revealing Open Source Consumers As Primary Source of Risk

October 18, 2022 -- Las Vegas -- Sonatype, the pioneer of software supply chain management, today unveiled its eighth annual State of the Software Supply Chain Report at the DevOps Enterprise Summit. In addition to a massive surge in open source supply, demand, and malicious attacks, this year’s report found that 96% of open source Java downloads with known-vulnerabilities could have been avoided because a better version was available, but was ignored.

Sonatype and Cloud Native Computing Foundation Partner to Improve Open Source Security and Raise $50,000 in Diversity Scholarships

Organizations Launch Innovative Security Slam Virtual Event Leading up to KubeCon + CloudNativeCon

October 6, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, in partnership with The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced an inaugural virtual Security Slam event to help improve their projects’ security posture, while raising $50,000 for its Diversity Scholarship Fund donated by Google.

Sonatype Finds 700% Average Increase in Open Source Supply Chain Attacks

New Data Underscores Critical Need for Early Defense Against Malicious Code

September 20, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, has found a massive year-over-year increase in cyberattacks aimed at open source project ecosystems. According to early data from Sonatype's 8th annual State of the Software Supply Chain Report, which will be released in full this October, Sonatype has recorded an average 700% jump in repository attacks over the last three years.

Sonatype Collaborates with Red Hat to Deliver Speed, Security Features and Enhanced Visibility to the Modern Software Factory

Sonatype’s Nexus Lifecycle Leverages Red Hat OpenShift Operator Certification, Provides Software Bill of Materials Visibility

August 30, 2022 -- Fulton, Md. -- Sonatype, the pioneer of software supply chain management, today announced that Sonatype’s Nexus Lifecycle is better positioned to leverage its Red Hat OpenShift Operator Certification, to help provide intelligent insight into the open source components Red Hat OpenShift customers are using.

Sonatype Names Mitchell Johnson as Chief Product Development Officer

Company Bolsters Leadership with First-Ever CPDO Position