Sonatype stories
Sonatype joins Linux Foundation registry working group to tackle funding, governance and security pressures as package downloads near 10 trillion.
Attackers hid malware in familiar package workflows, prompting Sonatype to log 21,764 malicious open-source packages in the quarter.
Sonatype says smaller AI tied to live software data can outsecure larger models on dependency upgrades, slashing risk and cost.
Sonatype enhances Repository Firewall to proactively block open source malware, integrating Zscaler and supporting Docker and AI models for robust DevSecOps protection.
Sonatype's latest Open Source Malware Index reveals a staggering rise in malware, with over 17,900 packages identified in Q1 2025, reflecting evolving threats.
Sonatype has unveiled its new AI Software Composition Analysis capabilities to enhance security and governance for open source AI technologies in enterprises.
Sonatype's latest research reveals a shocking rise in open source malware, with over 778,500 malicious packages detected in 2024, primarily affecting government organisations.
Sonatype and OpenText have partnered to create an integrated platform that enhances application security, streamlining compliance and risk management.
Sonatype has been named a leader in Software Composition Analysis by Forrester, praised for its high performance in security and dependency management.
Sonatype's latest report reveals open source software now comprises 90% of modern development, with a staggering 156% rise in malicious packages.
Sonatype's SBOM Manager and Nexus Repository are now available on AWS Marketplace, offering AWS users enhanced software supply chain security and management.
Sonatype releases its SBOM Manager, a crucial tool to help organisations track and manage software components.
Sonatype pioneers a system that detects hidden security threats in open-source code, uncovering more than 4.5 million previously undetected vulnerabilities.
Sonatype debuts its innovative SBOM Manager at KubeCon Europe, offering companies improved compliance and cybersecurity in software supply chains.
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.
92% of large enterprises now maintain an SBOM (software bill of materials) or plan to implement it in the next year.
