We're excited to announce a new integration with ServiceNow to help our joint customers streamline their open source vulnerability management processes. By combining Sonatype Lifecycle with ServiceNow's platform, we're making it easier than ever to identify and remediate open source vulnerabilities. Learn more about this partnership and how it can benefit your organization --> https://bit.ly/3V22v7z #softwaresecurity #cybersecurity #devsecops #sca
Sonatype
Software Development
Fulton, MD 26,161 followers
Develop software fearlessly.
About us
The Sonatype journey started 15 years ago, just as the concept of “open source” software development was gaining steam. From our humble beginning as core contributors to Apache Maven, to supporting the world’s largest repository of open source components (Central), to distributing the world's most popular repository manager (Sonatype Nexus Repository), we’ve played a meaningful role in helping the world embrace the power of open innovation. Over time, we witnessed the staggering volume and variety of open source libraries that began flowing into every development environment in the world. We understood that when open source components are properly managed, they provide a tremendous energy for accelerating innovation. Conversely, when unmanaged, open source "gone wild" can lead directly to security vulnerabilities, licensing risks, enormous rework, and waste. Our vision today is simple. We are laser focused on helping organizations continuously harness all of the good that open source has to offer, without any of the risk. In order to do this, we have invested in knowing more about the quality of open source than anyone else in the world. This investment takes the form of machine learning, artificial intelligence, and human expertise, which in aggregate produces highly curated intelligence that is infused into every Sonatype product. Organizations equipped with Sonatype products make better decisions, innovate faster at scale, and rest comfortably knowing that their applications always consist of the highest quality open source components.
- Website: https://www.sonatype.com
- Industry: Software Development
- Company size: 501-1,000 employees
- Headquarters: Fulton, MD
- Type: Privately Held
- Founded: 2008
- Specialties: Open Source, Open Source Governance, Management and Compliance, Repository Management, DevOps, DevSecOps, Software Supply Chain, Continuous Delivery, Continuous Integration, Open Source Security, Docker Private Registry, Software Component Analysis, Open source software, Application security, information security, artifact repository, SBOMs, and SaaS
Locations
- Primary: 8161 Maple Lawn Blvd, Suite 250, Fulton, MD 20759, US
- 8281 Greensboro Drive, Suite 630, McLean, Virginia 22102, US
- 1 Primrose Street, London, England EC2A 2EX, GB
Updates
- 📰 4 key DevSecOps skills for the generative AI era. Learn more on InfoWorld. #DevSecOps
- 📰 Stop blaming maintainers for open source risks. Read Brian Fox's take on TechRadar. #OSS #SoftwareDevelopment
- Don’t miss exclusive insights from Gartner Sr. Director Analyst, Aaron Lord & Sonatype Field CTO, Ilkka Turunen on why SBOMs are critical and how you can leverage them to mitigate software supply chain risks. Join us on May 15th for live Q&A. Register Now: https://bit.ly/4abbqbf
- Sonatype reposted this:
  #ISMGStudio is coming to you live from RSAC 2024 with our next interviewee Brian Fox, Co-Founder & CTO, Sonatype! He talks about the state of software security and managing open-source software components with our editor Tom Field. 🎯 Stay tuned to hear what he has to say! #ISMGStudio #RSAC2024 #ISMGatRSAC #RSAC RSA Conference
- We're honored to stand with the Cybersecurity and Infrastructure Security Agency and Director Jen Easterly and be one of the first to sign the Secure by Design Pledge at #RSAC24. We encourage other organizations to do the same. As our own CTO and Co-founder Brian Fox said, it's a no-brainer. #cybersecurity #securecoding #software
- Hey #RSAC2024! It's time to head to the South Expo Briefing Center to hear from our CTO Brian Fox. He'll share actionable steps to secure your organization's software supply chain with the power of #SBOMs. Join us in 30 minutes for his session "So, you have an SBOM. Now what?" It's one you won't want to miss!
- Can't wait for more RSAC 2024 today! Come chat with us at booth 4624 in the North Expo to discover how we're optimizing software supply chain security and for a chance to enter Sonatype’s Smokin’ Summer Spectacular raffle 😎. https://bit.ly/3wpmnYT #RSAC2024
- 📰 Where does the rise of AI put incident responders? Get insights from TechRadar. #SoftwareSupplyChain #SoftwareSecurity
- Hidden gems are fun, hidden open source vulnerabilities? Not so much. Today, we're announcing we've uncovered millions of previously undetectable open source vulnerabilities (336,000 of them are critical) through a new, first-of-its-kind shaded vulnerability detection capability. This novel feature, part of our unique and unrivaled data capabilities in the Sonatype platform, is one piece of Sonatype's ongoing mission to provide comprehensiveness and precision in open source vulnerabilities, while virtually eliminating false positives and illuminating false negatives. For development teams to work efficiently, they must prioritize where to spend their time. Learn more --> https://bit.ly/4aYWH4x or come chat with us live at RSAC next week, booth 4624 in the North Expo. #Cybersecurity #Innovation #Sonatype #opensource #vulnerabilities