Sonatype

Sonatype is the leading software supply chain management company, helping organizations govern and secure the open source components used in modern software development.

Visit Website

At a Glance

25Tool Views

Fulton, MarylandHeadquarters

2008Est.

540Employees

Compliance and Governance

Connect

AI Tools by Sonatype

(1)

Sonatype

Software Supply Chain Security

App Security Code Security Compliance & Gov

Discussions

No discussions yet

Be the first to start a discussion about Sonatype

Latest News

03/24/2026

AI Coding Safety Gains Rely on Real-Time Software Intelligence

Sonatype Newsroom

01/28/2026

OSS Malware Grows 75% as Yearly Downloads Surpass 9.8 Trillion

Sonatype Newsroom

12/09/2025

Sonatype Introduces Guide for Secure Agentic Development

Sonatype Newsroom

11/19/2025

Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform

Sonatype Newsroom

Products & Services

Nexus Repository

2008

The world's leading artifact repository manager, available in OSS and Professional editions.

Nexus Lifecycle

Automates open source governance and security throughout the software development lifecycle.

Nexus Firewall

Blocks malicious open source components from entering the development environment.

Nexus One

November 2025

An AI-native DevSecOps platform that unifies governance and security across the supply chain.

Market Position

Sonatype positions itself as the pioneer of software supply chain security, leveraging its deep connection to Maven Central and advanced AI to provide real-time intelligence that competitors lack.

Leadership

Founders

Jason Van Zyl

Creator of Apache Maven and Apache Plexus. Founder of Sonatype.

Brian Fox

Co-founder and CTO. Significant contributor to the Apache Maven project.

Executive Team

Bhagwat Swaroop

Chief Executive Officer

Joined Sonatype in July 2025. Previously at Cybereason, Proofpoint, and Symantec.

Wayne Jackson

Executive Chairman

Former CEO of Sonatype (2010-2025). Previously CEO of Sourcefire and Riverbed Technologies.

Board of Directors

Wayne Jackson

Executive Chairman

Brian Fox

Board Member

Larry Quinlan

Board Member (Former CIO of Deloitte)

Founding Story

Founded by Jason Van Zyl, the creator of Apache Maven, and Brian Fox to provide visibility and control over the software supply chain as open source usage exploded. They aimed to commercialize the technology behind Maven and Maven Central.

Business Model

Revenue

Estimated $150M ARR.

Revenue Model

Subscription-based SaaS and self-hosted licenses.

Pricing Tiers

Nexus Repository OSS

Free

Basic artifact management.

Nexus Repository Pro (Cloud)

$135+

Cloud-native OSS component and AI/ML repository.

Nexus Repository Pro (Self-Hosted)

~$3,000/year

Includes LDAP, Staging, and advanced support.

Acquired (Private, owned by Vista Equity Partners)

Target Markets

Industries & Segments

Fortune 100 enterprises
Financial services
Technology
Healthcare
Government

Use Cases

Software supply chain security
DevSecOps automation
Continuous compliance
Malware blocking
AI-native development governance

Notable Customers

Salesforce
Delta Airlines
EDF
Equifax

Quick Facts

Headquarters

Fulton, Maryland, United States

Founded

2008

Entity Type

Inc.

Employees

540

Total Funding

$154.7M (Prior to acquisition)

Investors

Vista Equity Partners, TPG

Office Locations

Fulton

London

Sydney

Hyderabad

Funding History

Series A$4.5M

June 2008

HWVP

Series A$5.2M

September 2009

Bay Partners

Series B$10M

September 2010

Accel

History & Milestones

2025

Bhagwat Swaroop appointed as CEO; Wayne Jackson becomes Executive Chairman.

2025

Launched Nexus One, an AI-native DevSecOps platform.

2019

Acquired by Vista Equity Partners.

2012

Raised $25M in Series C funding led by NEA.

2010

Wayne Jackson appointed as CEO.

Key Capabilities

Automated software composition analysis (SCA)

Open source malware protection

Binary artifact management

Policy-driven governance

AI/ML model security

Agentic AI development security

Integrations & Partnerships

Platform Integrations

GitHub Actions
Jenkins
Jira
Azure DevOps
AWS Marketplace

Key Partnerships

AWS

ServiceNow

OpenText

Connect

Website

GitHub

X / Twitter

YouTube

AI Topics

Sonatype focuses on these topics:

Application Security(1)

Code Security(1)

Compliance and Governance(1)

Back to all developers

Sonatype

Sonatype is the leading software supply chain management company, helping organizations govern and secure the open source components used in modern software development.

Visit Website

At a Glance

25Tool Views

Fulton, MarylandHeadquarters

2008Est.

540Employees

Compliance and Governance

Connect

AI Tools by Sonatype

(1)

Sonatype

Software Supply Chain Security

App Security Code Security Compliance & Gov

Discussions

No discussions yet

Be the first to start a discussion about Sonatype

Latest News

03/24/2026

AI Coding Safety Gains Rely on Real-Time Software Intelligence

Sonatype Newsroom

01/28/2026

OSS Malware Grows 75% as Yearly Downloads Surpass 9.8 Trillion

Sonatype Newsroom

12/09/2025

Sonatype Introduces Guide for Secure Agentic Development

Sonatype Newsroom

11/19/2025

Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform

Sonatype Newsroom

Products & Services

Nexus Repository

2008

The world's leading artifact repository manager, available in OSS and Professional editions.

Nexus Lifecycle

Automates open source governance and security throughout the software development lifecycle.

Nexus Firewall

Blocks malicious open source components from entering the development environment.

Nexus One

November 2025

An AI-native DevSecOps platform that unifies governance and security across the supply chain.

Market Position

Sonatype positions itself as the pioneer of software supply chain security, leveraging its deep connection to Maven Central and advanced AI to provide real-time intelligence that competitors lack.

Leadership

Founders

Jason Van Zyl

Creator of Apache Maven and Apache Plexus. Founder of Sonatype.

Brian Fox

Co-founder and CTO. Significant contributor to the Apache Maven project.

Executive Team

Bhagwat Swaroop

Chief Executive Officer

Joined Sonatype in July 2025. Previously at Cybereason, Proofpoint, and Symantec.

Wayne Jackson

Executive Chairman

Former CEO of Sonatype (2010-2025). Previously CEO of Sourcefire and Riverbed Technologies.

Board of Directors

Wayne Jackson

Executive Chairman

Brian Fox

Board Member

Larry Quinlan

Board Member (Former CIO of Deloitte)

Founding Story

Business Model

Revenue

Estimated $150M ARR.

Revenue Model

Subscription-based SaaS and self-hosted licenses.

Pricing Tiers

Nexus Repository OSS

Free

Basic artifact management.

Nexus Repository Pro (Cloud)

$135+

Cloud-native OSS component and AI/ML repository.

Nexus Repository Pro (Self-Hosted)

~$3,000/year

Includes LDAP, Staging, and advanced support.

Acquired (Private, owned by Vista Equity Partners)

Target Markets

Industries & Segments

Fortune 100 enterprises
Financial services
Technology
Healthcare
Government

Use Cases

Software supply chain security
DevSecOps automation
Continuous compliance
Malware blocking
AI-native development governance

Notable Customers

Salesforce
Delta Airlines
EDF
Equifax

Quick Facts

Headquarters

Fulton, Maryland, United States

Founded

2008

Entity Type

Inc.

Employees

540

Total Funding

$154.7M (Prior to acquisition)

Investors

Vista Equity Partners, TPG

Office Locations

Fulton

London

Sydney

Hyderabad

Funding History

Series A$4.5M

June 2008

HWVP

Series A$5.2M

September 2009

Bay Partners

Series B$10M

September 2010

Accel

History & Milestones

2025

Bhagwat Swaroop appointed as CEO; Wayne Jackson becomes Executive Chairman.

2025

Launched Nexus One, an AI-native DevSecOps platform.

2019

Acquired by Vista Equity Partners.

2012

Raised $25M in Series C funding led by NEA.

2010

Wayne Jackson appointed as CEO.

Key Capabilities

Automated software composition analysis (SCA)

Open source malware protection

Binary artifact management

Policy-driven governance

AI/ML model security

Agentic AI development security

Integrations & Partnerships

Platform Integrations

GitHub Actions
Jenkins
Jira
Azure DevOps
AWS Marketplace

Key Partnerships

AWS

ServiceNow

OpenText

Connect

Website

GitHub

X / Twitter

YouTube

AI Topics

Sonatype focuses on these topics:

Application Security(1)

Code Security(1)

Compliance and Governance(1)

Back to all developers