Future-proofs modern software development with memory-safe language support
Fulton, Md. – March 27, 2025 – Sonatype®, the end-to-end software supply chain security company, today announced expanded support for software development in Rust, via the Cargo registry, across the entire Sonatype product suite. With the addition of Cargo support, Rust developers can leverage Sonatype’s tools to identify and mitigate potential vulnerabilities, block malicious open source from entering software development, and enforce security policies.
Predicted to become a top ten TIOBE coding language in 2025, Rust is designed for building efficient, reliable applications that prioritize security and memory safety, making it a programming language of choice for critical infrastructure and federal systems software. Sonatype now provides Rust developers with:
- Enhanced Security: Developers can now automatically detect and remediate vulnerabilities within Rust packages and dependencies, reducing the risk of supply chain attacks and blocking malicious Rust packages.
- Compliance Assurance: Ensure Rust components comply with organizational policies and regulatory requirements, giving developers peace of mind in meeting security and legal obligations.
- Ongoing Monitoring: Continuous monitoring of Rust dependencies to quickly address newly discovered vulnerabilities without interrupting the software development lifecycle.
- Component Delivery: Cargo support in Sonatype Nexus Repository speeds up delivery and ensures continuous open source component delivery, even during outages.
- Comprehensive Insights: Gain visibility into open source Rust components being used across teams, and enforce security gates that align with best practices for secure software development.
"As Rust continues to gain momentum in the open source community, we are excited to extend our security and compliance capabilities to support its developers," said Brian Fox, Co-founder and CTO of Sonatype. "Our goal is to empower organizations to innovate confidently, knowing that their software supply chains are safeguarded. With Cargo support, Rust developers can now benefit from the same rigorous security and governance practices that thousands of organizations rely on for other popular programming languages."
With the addition of Cargo support, Sonatype reaffirms its commitment to offering comprehensive, next-generation open source management and security solutions that meet the evolving needs of the development community. Organizations that depend on Sonatype’s platform can now easily integrate Rust into their development pipelines, leveraging advanced security and governance features to ensure a resilient and compliant software infrastructure.
“Rust addresses critical challenges in software development, offering memory safety and concurrency without sacrificing performance,” said Joel Marcey, Director of Technology at The Rust Foundation. “Providing an opportunity for organizations small and large to build with Rust is an important step in furthering mainstream adoption for secure software development via memory-safe languages.”
For more information on Sonatype’s products, visit https://www.sonatype.com/products/language-support/rust.
About Sonatype
Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. To learn more about Sonatype, please visit www.sonatype.com.