Plans & Pricing

Package Pricing

Standard

Manage and protect your development pipelines with Nexus Repository, Nexus Firewall and Sonatype Lift.

$78,400
per year
(100 users)

INCLUDES:

  • Ability to define policy and automatically prevent open source risk from entering your software supply chain
  • Code Quality and Software Composition Analysis (SCA)
  • Expert guidance for alternative and compliant versions
  • Universal format coverage to manage binaries and build artifacts
  • Multi-Cloud Storage: Amazon S3 and Azure Blob Storage
  • Integration with your favorite CI/CD tools
  • SAML single sign-on
  • Advanced metadata tagging
  • Staging and build promotion
  • High availability clustering
  • 24/7 expert support

Premium

Analyze and continuously secure your entire software supply chain with Nexus Repository, Nexus Firewall, Nexus Lifecycle and Sonatype Lift.

$135,900
per year
(100 users)

INCLUDES:

  • All standard features, PLUS...
  • Ability to define policy and automatically enforce policies across your entire software supply chain
  • Code Quality Analysis
  • Automatic generation of a software bill of materials for all builds
  • Safer component selection for developers
  • Dashboards to identify MTTR and relevant success metrics
  • High-speed remediation with expert guidance
  • Continuous monitoring for new vulnerabilities
  • Dependency management in source control with automated pull requests

Enterprise

Automate application and container scanning across your entire software supply chain with Nexus Repository, Nexus Firewall, Nexus Lifecycle, Nexus Container and Sonatype Lift.

Let's chat.

INCLUDES:

  • All premium features, PLUS...
  • Container security with deep scanning and advanced runtime monitoring
  • Runtime configuration and OS analysis to discover and fix vulnerabilities in containers
  • Network inspection with Layer 7 DPI
  • Threat detection with DDoS, DNS
  • Data breach detection
  • Service Mesh integration with encrypted packet inspection
  • Auto scanning and container visualization/mapping
  • Custom response rules

Billed annually / Unlimited repositories / Unlimited integrations.

A "User" subscription must be purchased for each individual (whether employee or contractor) who produces, consumes, or evaluates software artifacts that are stored in or scanned, analyzed or otherwise evaluated by a Sonatype product.

Artifact Repository

Centralize and manage all your components, binaries, and build artifacts.

FREE

INCLUDES:

  • Unlimited number of users
  • Unlimited proxy, host and group repositories
  • Universal format coverage
  • Integration with popular CI/CD tools
  • Container registry
  • Community formats and plugins
  • Cloud storage: Amazon S3

Take your builds to the next level with enterprise artifact management, multi-cloud storage and high availability.

$120
per user
per year

INCLUDES:

  • Everything in Repository OSS, PLUS...
  • Enterprise management of binaries and build artifacts
  • SAML single sign-on
  • Multi-Cloud: Azure Blob Storage coming soon
  • High availability clustering
  • Advanced metadata tagging
  • Staging and build promotion
  • Group Blob store
  • Group deployment (Docker)
  • Enterprise standard support

Code Quality Analysis

Code Quality and Software Composition Analysis (SCA), free forever on public repositories. (Early Access)

FREE

INCLUDES:

  • Cloud-based
  • Code Quality and Software Composition Analysis (SCA)
  • Unlimited use on public repos
  • Free forever
  • Unlimited use on private repos for a limited time
A "User" is any person who submits code changes (pull requests / merge requests).
Software Composition Analysis

Advance your SCA, stopping OSS risk at the front door.

$424
per user
per year*

INCLUDES:

  • Ability to define policy and automatically prevent risky open source from entering your software supply chain
  • Expert guidance for alternative and compliant versions
  • Universal language coverage

Eliminate OSS risk across the entire SDLC.

$775
per user
per year*

INCLUDES:

  • Ability to define policy and automatically enforce compliance across your entire software supply chain
  • Integration with your favorite CI/CD tools
  • Frontline developer advantage with use of popular IDEs
  • Rapid remediation with expert guidance
  • Continuous monitoring for new vulnerabilities

Container Security

Protect your containers with vulnerability scanning, compliance, and remediation at runtime.

Contact sales for pricing.

INCLUDES:

  • Automated Scanning providing continuous container security (host, platform, registry and container), from pipeline through production
  • Zero-Trust Segmentation and automated security policy generation at Network, Process and File Access security layers
  • Data Loss Prevention (DLP) for containers
  • Deep Packet Inspection providing identification and validation of Layer-7 application protocols
  • Network Threat Detection including DDoS, DNS Tunneling, Remote Code Execution (RCE), ICMP Flood, SQL Injection, and more
  • Security as Code export for replicating Zero-Trust Segmentation and security policies for containers, namespaces, custom groups and clusters
  • Live Network visualization, mapping and packet capture
  • Service Mesh compatible with mTLS encryption enabled



Available Add-Ons

Enhance your Nexus Lifecycle capabilities with these expansion packs. Contact Sales for pricing details.


Infrastructure as Code Pack

Empower developers to discover cloud security and compliance issues with IaC Terraform analysis, giving development teams immediate feedback on cloud misconfigurations before they surface in production.


Advanced Development Pack

Specifically designed to make development teams’ lives easier, this next-gen dependency management solution helps improve code quality, minimize breaking changes, and integrate security seamlessly into agile workflows.

Frequently Asked Questions

Do you offer free trials?

Yes, we provide a 14-day free trial of Nexus Repository Pro.

What are my payment options?

Our products are billed annually with flexible pricing for any size team or enterprise. Contact our sales teams for more details.

How is ‘user’ defined based on pricing?

A “user” subscription must be purchased for each individual (whether employee or contractor) who produces, consumes, or evaluates software artifacts that are stored in or scanned, analyzed or otherwise evaluated by a Sonatype product.

How do the add-on packs work with Nexus Lifecycle?

Nexus Lifecycle Add-On Packs are not standalone products and do require a license of Nexus Lifecycle.

Which programming languages work with Sonatype products?

Sonatype provides extensive language and package support for all of our solutions.

Which third-party integrations work with Sonatype products?

Check out our product integrations to see how our solutions work with popular CI/CD and build tools, IDEs, SCM, and many more!

Get started with Nexus Repository Pro today.
