Software development organizations are turning to Sonatype for automated open source governance as risk of cyber exposure and pressure to innovate mounts
Fulton, MD – April 11, 2018 – Sonatype, the leader in automated open source governance and DevSecOps, today announced quarterly year-over-year sales growth. Gains include:
- 105% increase in new sales
- 131% growth in the number of enterprise applications protected 24x7 by Nexus
- 34% increase in employees, to keep up with demand
Organizations are increasingly battling two opposing masters - the pressure to develop software faster, and the pressure to keep applications secure. With nearly 60 security breaches publicly disclosed in March 2018 alone, overwhelmed development teams are embracing DevSecOps practices and turning to Sonatype to automatically manage risk associated with the use of open source components.
“The need for visibility and control over vulnerabilities, especially in open source components, has become business critical, making it impossible for companies to deny the integral role of security in DevOps,” said Wayne Jackson, CEO of Sonatype. “The strong growth we saw in Q1 is proof that the market for automated open source governance is maturing, and that companies are choosing Nexus to simultaneously accelerate software innovation while minimizing risk.”
“By 2019, more than 70% of enterprise DevSecOps initiatives will have incorporated automated
security vulnerability and configuration scanning for open-source components and commercial
packages, up from less than 10% today,” wrote Gartner analysts Neil MacDonald, David W. Cearley, Mike J. Walker, and Brian Burke in their 8 March 2018 report, Top 10 Strategic Technology Trends for 2018: Continuous Adaptive Risk and Trust. “DevOps developers shouldn't be forced to adopt information security's old processes. Instead, continuous security assurance should be integrated seamlessly into the developer's CI/CD toolchain and processes.”
More than 10 million software developers rely on Sonatype to innovate faster while mitigating security risks inherent in open source. Sonatype’s Nexus platform combines in-depth component intelligence with real-time remediation guidance to automate and scale open source governance across every stage of the modern DevOps pipeline. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, and Goldman Sachs.