The Sonatype newsroom
Learn the latest about Sonatype. Explore our announcements, press coverage, brand assets, and more.
Press releases
Open Source, News and Views, Malware
Open Source Malware Reaches More Than 778,500 Packages, According to Sonatype Researchers
December 10, 2024
News and Views
Sonatype Announces Integration with Buy with AWS, Offering Simplified Procurement for AWS Customers on Marketplace
December 5, 2024
News and Views
Sonatype and OpenText Partner to Provide Integrated Vulnerability Management Platform for Open Source and Custom Code
November 20, 2024
News and Views
Sonatype Named a Leader in Software Composition Analysis (SCA) Software Report by Independent Research Firm
November 13, 2024
News and Views
Sonatype Announces 2024 Elevate Awards Winners
October 28, 2024
Software Supply Chain, News and Views
Sonatype’s 10th Annual State of the Software Supply Chain Report Reveals 156% Surge in Open Source Malware
October 10, 2024
News and Views
Sonatype Achieves AWS Security Competency Status
October 1, 2024
News and Views
Sonatype Names Finalists for 2024 Elevate Awards
September 5, 2024
all day devops
Sonatype Announces Keynote Speakers for 9th Annual All Day DevOps
August 22, 2024
Default
Sonatype Launches End-to-End Software Supply Chain Security Platform Availability in AWS Marketplace
July 23, 2024
Default
Sonatype SBOM Manager Prepares Enterprises for Rapid, Reliable Compliance at Scale
June 26, 2024
Product
Sonatype Announces Integration with ServiceNow to Streamline Software Composition Analysis
May 16, 2024
Open Source, data, Product
Sonatype Uncovers Millions of Previously Hidden Open Source Vulnerabilities Through Unique Shaded Vulnerability Detection System
May 2, 2024
News and Views, Product
Sonatype Launches Industry-First Integrated System of Record for Management of SBOMs
March 19, 2024
Software Supply Chain, Product
Sonatype Introduces Cutting-Edge AI/ML Component Detection
February 22, 2024
News and Views
Sonatype Earns AWS DevOps Competency Status
November 28, 2023
News and Views
Sonatype’s 9th Annual State of the Software Supply Chain Report Reveals Ways to Improve Developer, DevSecOps Efficiency
October 3, 2023
News and Views
Megan Lueders Joins Sonatype as Chief Marketing Officer
September 26, 2023
News and Views
Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds
September 12, 2023
News and Views
Sonatype Drives Intelligent Software Security with New Product Enhancements
August 21, 2023
News and Views
Biden’s Cybersecurity Executive Order fuels seismic changes in software development practices, Sonatype research reveals
August 3, 2023
News and Views
Rashida Hodge Joins Sonatype's Board of Directors, Bringing Innovative Leadership and AI Expertise
July 13, 2023
News and Views
Sonatype Joins AWS ISV Accelerate Program
July 7, 2023
News and Views
Sonatype Repository Firewall Has Prevented More Than $1.5B in Losses from Malicious Attacks
June 20, 2023
News and Views
Sonatype Named a Leader in Software Composition Analysis (SCA) by Independent Research Firm
June 15, 2023
News and Views
Sonatype Launches in AWS Marketplace
June 8, 2023
News and Views
Sonatype Named to 2023 Gartner® Magic Quadrant™ for Application Security Testing
May 23, 2023
News and Views
Sonatype Advances Software Supply Chain Management with New Platform Enhancements
April 25, 2023
News and Views
Sonatype Launches New Partner Acceleration Program to Help Partners Scale and Secure their Customers’ Software Supply Chains
April 3, 2023
News and Views
Sonatype Announces Enhanced Maven Central Experience
March 28, 2023
News and Views
Sonatype Launches Industry's First ‘Run Anywhere’ Platform for Software Supply Chain Management
February 1, 2023
News and Views
Commerzbank AG, ABN Amro Bank NV, Instinet, and Fiserv Win 2022 Sonatype Elevate Awards
December 8, 2022
News and Views
Sonatype Names Finalists for 2022 Elevate Awards
November 29, 2022
News and Views
Sonatype Wins Multiple Awards for Product Excellence and Innovation
November 3, 2022
News and Views
Sonatype and CyberRes Fortify Expand Partnership to Provide Complete Application Security Solution
October 26, 2022
News and Views
Sonatype’s 8th Annual State of the Software Supply Chain Report Finds 96% of Known-Vulnerable Open Source Downloads Are Avoidable
October 18, 2022
News and Views
Sonatype and Cloud Native Computing Foundation Partner to Improve Open Source Security and Raise $50,000 in Diversity Scholarships
October 6, 2022
News and Views
Sonatype Finds 700% Average Increase in Open Source Supply Chain Attacks
September 20, 2022
News and Views
Sonatype Collaborates with Red Hat to Deliver Speed, Security Features and Enhanced Visibility to the Modern Software Factory
August 30, 2022
News and Views
Sonatype Names Mitchell Johnson as Chief Product Development Officer
August 25, 2022
News and Views
Sonatype Achieves Record Growth, Expands Leadership Team with New Board Member and CRO
July 20, 2022
Nexus Lifecycle, Product
Sonatype Enables Engineering Teams to Take Control of InnerSource Components With First-Of-Its-Kind Feature
May 11, 2022
Default
Sonatype Sets Record First Quarter With 62% Increase in YOY Bookings, 95% Renewal Rate, as Software Supply Chain Management Needs Continue to Surge
April 19, 2022
News and Views, Corporate Momentum
Sonatype Exceeds $100M in ARR, Names First President as Demand for Software Supply Chain Management Soars
January 27, 2022
Log4j
Critical Log4j Vulnerability Still Being Downloaded 40% of the Time, Sonatype Research Reveals in New Resource Center
December 22, 2021
News and Views
Sonatype Expands Support for Open Source Communities with Key Partnerships
October 5, 2021
State of the Software Supply Chain
Open Source Continues to Fuel Digital Transformation, Sonatype's 2021 Software Supply Chain Report Reveals Important Trends
September 15, 2021
Product, Sonatype Lift
Sonatype Launches Novel Deep Code Analysis Platform Designed for Developers
June 15, 2021
News and Views
Finalists Announced for Inaugural Sonatype Elevate Awards
June 10, 2021
News and Views, partners
Amazic Announces New Partnership With Sonatype to Bring More Enterprises Developer-Friendly, Full-Spectrum Software Supply Chain Automation and Security
June 10, 2021
News and Views, Product
Sonatype Embraces CycloneDX Standard for Integrating Software Bills of Materials (SBOMs)
May 13, 2021
Nexus Lifecycle, Product
Sonatype Helps Organizations Manage Open Source License Obligations and Speed up Legal Compliance with New Tool
May 4, 2021
Default
Sonatype’s Channel Partner Program Experiences Triple Digital Growth in EMEA For the Second Year Running
March 30, 2021
News and Views, Product
Sonatype Unveils Full-Spectrum Software Supply Chain Management Platform
March 16, 2021
News and Views, Product
Sonatype Acquires MuseDev
March 16, 2021
News and Views, Product, infrastructure as code
Sonatype Adds Infrastructure as Code Security and Compliance
March 16, 2021
Container Security, News and Views, Product
Sonatype Adds Cloud-Native Container and Kubernetes Security for Developers
March 16, 2021
News and Views, partners
Russian Enterprises Turn to Swordfish Security and Sonatype to Combat Risk Associate With Open Source
February 25, 2021
News and Views, partners
Bahwan CyberTek Partners With Sonatype to Mitigate Security Vulnerabilities in Open Source Software
February 18, 2021
News and Views, CapOne
Sonatype Partners With SVA System Vertrieb Alexander GmbH to Help Enterprises Mitigate Risk and Build Software More Securely
January 19, 2021
News and Views, partners
Cigniti Technologies Announces Partnership With Sonatype, Extends AppSec Offering With Best-In-Class Software Composition Analysis
January 6, 2021
partners
Eficode Bolsters Partnership With Sonatype, Extends Best-In-Class Software Composition Analysis With Hosted Solutions
December 10, 2020
News and Views
Sonatype Strengthens Leadership Team With New Chief Revenue Officer; Prepares for Global Expansion
December 8, 2020
partners
Adaptavist Offers Enterprise DevSecOps Solution With Sonatype Partnership
December 1, 2020
Product, infrastructure as code, Fugue
Sonatype and Fugue Partner to Shift Cloud Security Left and Ensure Continuous Policy Compliance
November 12, 2020
oss index, partners
Tidelift Delivers Open Source Vulnerability Data to Subscribers with Sonatype
October 29, 2020
government, Product
Sonatype Delivers Hardened Nexus Platform to DoD’s Platform One, Helps Accelerate Digital Innovation Across Federal Agencies
October 8, 2020
Nexus Lifecycle, Product
Sonatype Introduces Next Generation Dependency Management for Software Developers
October 7, 2020
container, News and Views, Product, NeuVector
Sonatype and NeuVector Partner to Centralize Container and Open Source Security
September 16, 2020
News and Views, 2020 Software Supply Chain Report
2020 State of the Software Supply Chain Report Released; Sonatype Reveals New Speed and Security Benchmarks
August 12, 2020
News and Views, 2020 Software Supply Chain Report
Sonatype’s 2020 State of the Software Supply Chain Report Finds 430% Increase in Next Generation Open Source Cyber Attacks
August 12, 2020
Report/Survey/Whitepaper releases, 2020 DevSecOps Community Survey, healthcare industry
One in Six Developers in Healthcare Industry Report Open Source Software Breaches, Sonatype Finds
June 4, 2020
Report/Survey/Whitepaper releases, 2020 DevSecOps Community Survey, financial services industry
Sonatype Finds Links Between Leading DevSecOps Practices and Happy Developers Within the Financial Services Industry
June 4, 2020
government, DevSecOps in Government, Report/Survey/Whitepaper releases, 2020 DevSecOps Community Survey
Sonatype Survey Finds DevSecOps is a Top Priority in Government
June 4, 2020
Report/Survey/Whitepaper releases, 2020 DevSecOps Community Survey, technology sector
Sonatype Finds Tech Companies Are Peak DevSecOps Performers
June 4, 2020
atlassian, integrations, Product
Sonatype’s Nexus Platform Offers Three New DevOps Integrations for Atlassian
June 2, 2020
The Central Repository, Central, Maven, Report/Survey/Whitepaper releases, COVID-19
Software Development in the UK Falls 28% in Wake of COVID-19, Sonatype Research Reveals
May 21, 2020
Sonatype, Sonatypers
Sonatype Expands Executive Team With Cybersecurity and Open Source Experts
May 14, 2020
Nexus Lifecycle, Nexus Firewall, Bower, Nexus Platform, Product, CocoaPods, Conda, C/C++, PHP, Cargo, Alpine, Composer, CRAN, Drupal
Sonatype Further Expands Coverage of Nexus Platform
May 13, 2020
all day dev ops, 2020 All Day DevOps
Sonatype Collaborates With All Day DevOps to Connect More Than 6,000 IT Pros Working From Home During the COVID-19 Pandemic
April 16, 2020
2020 DevSecOps Community Survey
Sonatype Finds Mature DevSecOps Practices Lead to Happier Developers, More Secure Code
April 7, 2020
Ruby Gems language, Nexus Platform, Product, C/C++, PHP
Sonatype Expands its Fully Automated Open Source Security and Governance Solution to Support C/C++, PHP and Ruby
March 12, 2020
awards, Product
Sonatype Channel Partner Program Sees Triple Digit Growth in EMEA
March 5, 2020
Nexus Lifecycle, npm, Javascript, Product
Sonatype Overhauls JavaScript Scanning; Provides npm Automated Pull Requests and More Free Developer Tools
March 3, 2020
Nexus Repository, Product, Helm
Sonatype Streamlines Deployment for Millions of Developers Using Kubernetes, Adds Native Helm Support to Nexus Repository
February 24, 2020
News and Views
Eficode and Sonatype Partner to Secure the Software Supply Chain for Modern Enterprise Organisations
November 27, 2019
devsecops, Container Security, Product
Sonatype Fully Automates Container Security
November 25, 2019
News and Views, Corporate Momentum
Vista Equity Partners Acquires Majority Interest in DevOps Leader Sonatype
November 18, 2019
Default
Sonatype Delivers Premium Open Source Controls to GitHub Users
November 12, 2019
all day devops, News and Views
Sonatype Partners With All Day DevOps to Help Educate More Than 36,000 IT Professionals
November 5, 2019
Product, CocoaPods, Conda
Sonatype’s Nexus Repository Manager Expands OSS Coverage, Sees 40% YoY User Growth
October 25, 2019
open source intelligence, Product, embedded malicious code, malware prevention
Sonatype Delivers First of its Kind, Automated Malware Prevention for Open Source Libraries
September 24, 2019
Product
Micro Focus Bolsters Strategic Partnership With Sonatype, Brings Best-In-Class Open Source Security to All Fortify Customers
September 10, 2019
Nexus Lifecycle, Nexus Firewall, Nexus Repository, Nexus Platform, Product, Golang, Go
Sonatype Goes Long With Go: Delivers Fully Automated Security Solution for Fast Growing Programming Language
July 24, 2019
devsecops, 2019 State of the Software Supply Chain Report, secure coding
2019 State of the Software Supply Chain Report Reveals Best Practices From 36,000 Open Source Software Development Teams
June 25, 2019
Devops, devsecops, Nexus User Conference
Sonatype's Nexus User Conference to Bring 2,000 DevSecOps Leaders Together for Free, Live Streamed Event
June 10, 2019
Red Hat, Container Security, Quay
Sonatype Debuts New Capabilities for Red Hat Quay, Offers Users Continuous Container Security for Open Source
May 7, 2019
News and Views, best workplace
Sonatype Named on Best Workplace Lists by Both Washingtonian Magazine and Battery Ventures
April 29, 2019
Everything Open Source, The Central Repository, Open Source, Central Security Project, CSP
Sonatype and HackerOne Team Up to Make Open Source Safer
March 21, 2019
devsecops, Devops maturity, DevSecOps Community Survey
5,558 IT Professionals Reveal Patterns of Elite DevSecOps Practices
March 4, 2019
In the news
Media Hit
The hidden perils of open source in the era of AI
TechStrong
February 5, 2025
Media Hit
Tetragon: Extending eBPF and Cilium to runtime security
InfoWorld
February 3, 2025
Media Hit
How attackers became the protagonists of the software supply chain
Forbes
January 31, 2025
Media Hit
Cyber insights 2025: Social engineering gets AI wings
SecurityWeek
January 24, 2025
Media Hit
Python administrator moves to improve software security
CSO Online
January 23, 2025
Media Hit
EU, U.S. at odds on AI safety regulations
TechTarget
January 23, 2025
Media Hit
Secure coding: Equipping Apache Maven against cache poisoning attacks
Heise
January 18, 2025
Media Hit
Biden order gives CISA software supply chain 'teeth'
TechTarget
January 17, 2025
Media Hit
Tech industry experts digest cybersecurity executive order
TechTarget
January 17, 2025
Media Hit
Tough new EU cyber rules require banks to ramp up security - but many aren't ready
CNBC
January 17, 2025
Media Hit
It's DORA day as operational resilience rules add to Brussels' blizzard of bank tech regs
The Stack
January 17, 2025
Media Hit
DORA Arrives: European financial services faces new regulation
SC Media
January 17, 2025
Media Hit
Almost half of UK banks set to miss DORA deadline
ComputerWeekly
January 16, 2025
Media Hit
Cyber insights 2025: Open source and software supply chain security
SecurityWeek
January 15, 2025
Media Hit
The hidden cost of open source waste
The New Stack
January 15, 2025
Media Hit
How supply-chain attackers maximize their blast radius
The New Stack
January 7, 2025
Media Hit
Nuclei patches high severity flaw in security tool
Bank Info Security
January 6, 2025
Media Hit
Why SCA isn't enough
From the Source
January 6, 2025
Media Hit
10 cybersecurity predictions for 2025
TechTarget
December 20, 2024
Media Hit
Security experts share their biggest lessons from 2024
IT Brew
December 18, 2024
Media Hit
Open source malware attacks triple in 2024
Computing
December 11, 2024
Media Hit
20 game-changing ways devs can use GenAI for coding
Forbes
November 20, 2024
Media Hit
Contaminated open source packages explode
CIO
November 14, 2024
Media Hit
Vulnerabilities, AI compete for software developers' attention
DARK Reading
October 18, 2024
Media Hit
Vulnerable instance of Log4j still being used nearly 3 years later
SC Media
October 14, 2024
Media Hit
Malicious open-source software packages have exploded in 2024
CSO Online
October 14, 2024
Media Hit
Malicious packages in open-source repositories are surging
CyberScoop
October 10, 2024
Media Hit
Sonatype report: Open-source software reaches 6.6T requests and security risks escalate
Silicon ANGLE
October 10, 2024
Media Hit
Zero trust: How the 'Jia Tan' hack complicated open-source software
CyberScoop
August 15, 2024
Media Hit
Should the CSRB take on CrowdStrike?
Politico
July 29, 2024
Media Hit
First thing: Microsoft outage takes out banks, airlines, and businesses
The Guardian
July 19, 2024
Media Hit
Researchers warn of widespread Polyfill supply chain attack
Decipher
June 27, 2024
Media Hit
Python developers targeted with fake PyPI packages
TechRadar
June 6, 2024
Media Hit
Cybercriminals pose as "helpful" Stack Overflow users to push malware
Bleeping Computer
May 29, 2024
Media Hit
Third-party software supply chain threats continue to plague CISOs
CSO
May 28, 2024
Media Hit
The fall of the National Vulnerability Database
DARK Reading
May 16, 2024
Media Hit
10 things to watch out for with open source gen AI
CIO
May 15, 2024
Media Hit
The continuing vulnerability of US critical infrastructure
Information Week
April 25, 2024
Media Hit
Open-source developer prepare for a possible social-engineering crisis
Axios
April 19, 2024
Media Hit
Sonatype debuts SBOM Manager to make enterprise software more transparent
Silicon ANGLE
March 19, 2024
Media Hit
OSS leaders detail commitments to bolster software security
TechTarget
March 8, 2024
Media Hit
How to ensure open-source packages are not mines
DARK Reading
March 7, 2024
Media Hit
LLMs explained: A developer’s guide to getting started
ComputerWeekly.com
February 23, 2024
Media Hit
Where does the rise of AI put incident responders?
TechRadar
February 16, 2024
Media Hit
10 ways generative AI will transform software development
InfoWorld
February 12, 2024
Media Hit
Resolutions for Open Source in 2024 - What Has to Change?
HackerNoon
January 13, 2024
Media Hit
Create an open source security policy for your organization
TechTarget
January 2, 2024
Media Hit
4 key devsecops skills for the generative AI era
InfoWorld
January 1, 2024
Media Hit
Four in five Apache Struts 2 downloads are for versions featuring critical flaw
The Register
December 21, 2023
Media Hit
AI, efficiency and a rise in citizen developers -- development predictions for 2024
BetaNews
December 19, 2023
Media Hit
Lazarus APT attack campaign shows Log4Shell exploitation remains popular
CSO
December 14, 2023
Media Hit
Two years on, 1 in 4 apps still vulnerable to Log4Shell
The Register
December 11, 2023
Media Hit
Just 11% of open-source packages are still being maintained: report
IT Brew
November 1, 2023
Media Hit
CISA targets software identification in push to boost supply chain security
Cybersecurity Dive
October 27, 2023
Media Hit
The Top 50 SaaS CEOs of 2023
The Software Report
October 24, 2023
Media Hit
AI brings a lot more to the DevOps experience than meets the eye
ZDNET
October 20, 2023
Media Hit
Report finds few open source projects actively maintained
InfoWorld
October 12, 2023
Media Hit
Fresh curl tomorrow will patch 'worst' security flaw in ages
The Register
October 10, 2023
Media Hit
20 Tech Experts Share Essential Details To Look For In An SBOM
Forbes
October 9, 2023
Media Hit
Software supply chain attacks on the rise – is old open source software to blame?
SDxCentral
October 5, 2023
Media Hit
Stop blaming maintainers for open source risks
TechRadar
October 3, 2023
Media Hit
Upstream Supply Chain Attacks Triple in a Year
Infosecurity Magazine
October 3, 2023
Media Hit
DC's 2023 Tech Titans
Washingtonian
September 7, 2023
Media Hit
Buggy, Vulnerable Open-Source Code Seeps Into Business Tech
Wall Street Journal
September 5, 2023
Media Hit
The Top 100 Software Companies of 2023
The Software Report
August 22, 2023
Media Hit
Biden’s SBOM mandate a ‘shot heard around the world’, report says
ComputerWeekly.com
August 4, 2023
Media Hit
SBOMs Still More Mandate Than Security
DARK Reading
July 14, 2023
Media Hit
Sonatype Offers Its Malicious Source Code Blocker as a Service
The New Stack
July 11, 2023
Media Hit
100 Best Workplaces for Innovators 2023
Fast Company
July 11, 2023
Media Hit
Software Providers Should Prepare For Liability Right Now—Here’s How
Forbes
July 10, 2023
Media Hit
Software industry leaders debate real costs and benefits of CISA security push
CIO Dive
April 17, 2023
Media Hit
You don’t have to go through hell managing software dependencies
techradar
March 13, 2023
Media Hit
What the National Cybersecurity Strategy means for software providers
SD Times
March 3, 2023
Media Hit
14 Smart Strategies For Establishing A Secure Software Supply Chain
Forbes
February 24, 2023
Media Hit
Sonatype BOM Doctor Evaluates and Helps Patch Java Software Bills of Materials
InfoQ
February 13, 2023
Press kit
Access some basic statistics, descriptions, and brand assets you may find helpful when writing about Sonatype.
2008: year founded in Fulton, Maryland
600+: employees from 50 countries and 15 languages
2,000+: organizations supported, including 70% of Fortune 100
15 million: developers rely on Sonatype
Fulton, MD: headquarters
Maven Central: stewards