New independent study finds Sonatype’s products save $14,000 per developer per year when improving secure coding practices
FULTON, MD – Jan 29, 2019 – Sonatype, the leader in automated open source governance, announced the release of The Total Economic Impact™ Of The Sonatype Nexus Platform, a commissioned study conducted by research firm Forrester Consulting. In the study, Forrester found that organizations using the Nexus Platform received an average of 232% return on their investment over three years and saw a net benefit achieved in under 12 months due to increased developer productivity, decreased risk of breaches and time saved by security and compliance staff.
The benefits of Sonatype’s Nexus Platform, according to Forrester
As noted by the report, “in a Forrester Research survey, 12% of respondents indicated they experienced at least one breach over the past year and 41% had experienced multiple breaches.”
Combine that with the fact that 51% of JavaScript packages and 12.1% of Java packages downloaded last year included a known vulnerability, and it’s clear why unchecked open source use has become a business-critical concern.
“We’ve long known that what we’ve built at Sonatype not only helps our customers make their software more secure, but it saves developers hundreds of hours of rework, and security and compliance professionals exponential time on manual reviews,” said Wayne Jackson, CEO of Sonatype. “Seeing the results of Forrester’s latest study just makes it even more undeniable.”
Sonatype helps thousands of organizations build better software, faster, by mitigating risks inherent in open source with automated governance. Forrester’s TEI study results revealed significant cost savings and business benefits for organizations that have deployed the Nexus Platform, including:
Reducing the risk of a successful breach by 20%
Saving developers $14,000 in saved time per year
Improving security team efficiency to the tune of 173 hours saved per month
Additional Resources:
The Forrester Study of The Total Economic Impact™ Of The Sonatype Nexus Platform is available here
Assess your own application for open source vulnerabilities within seconds
Explore Sonatype’s Nexus Product Suite
Read the latest about DevSecOps and automated open source governance on the Sonatype Blog
About Sonatype
More than 10 million software developers rely on Sonatype to innovate faster while mitigating security risks inherent in open source. Sonatype’s Nexus platform combines in-depth component intelligence with real-time remediation guidance to automate and scale open source governance across every stage of the modern DevOps pipeline. Sonatype is privately held with investments from TPG, Goldman Sachs, Accel Partners, and Hummer Winblad Venture Partners. Learn more at www.sonatype.com.