Fulton, Md., Aug. 21, 2023 (GLOBE NEWSWIRE) — Sonatype, the pioneer of software supply chain management, has announced new product capabilities for Sonatype Repository Firewall, Sonatype Nexus Repository and Sonatype Lifecycle. Bolstering Sonatype’s industry-leading software supply chain management platform, these enhancements are designed to give organizations greater control of their software development life cycle (SDLC) while meeting the evolving needs of DevSecOps – empowering developer teams and their organizations to deliver innovative software safer, faster, and at scale.

New Sonatype product features include:


  • Additional Cloud Delivery Options: Streamline the procurement process with Sonatype Lifecycle and Sonatype Repository Firewall on AWS Marketplace. Sonatype Repository Firewall is also now available as a convenient SaaS solution, making onboarding easier than ever before.
  • Streamlined User Experience: Easily control open source risk with improved navigation, compatibility enhancements, and extended inclusion of wildcard characters in Sonatype Lifecycle. Sonatype Repository Firewall enhancements feature cleaner views and improved discoverability of specific repositories and violations to simplify automated policy enforcement.
  • Simplified Onboarding and Administration: Effectively manage the onboarding process in Sonatype Nexus Repository with enhanced privilege administration and Quick Action to expedite common tasks, such as blob storage mapping and connecting new proxy repositories. With the new Sonatype Repository Firewall onboarding experience, AI-enhanced malware protection and vulnerability scanning for Nexus Repository can be turned on in minutes.
  • Improved Search Capabilities: Effortlessly connect new proxy repositories with streamlined connectivity in Sonatype Nexus Repository. Additional improvements include search capabilities for dates and times, along with faster component repository selection, contributing to a more intuitive and user-friendly experience.
  • Deeper Customization Capabilities: Sonatype Lifecycle users now have even more power to tailor vulnerability details for their environment, organization, and deployments, including the ability to customize CVSS Vector Strings, Severity, and CWE-IDs.
  • Boosted Observed License Coverage: Using the latest machine learning (ML) models, Sonatype Lifecycle has supercharged observed license detection with its Advanced Legal Pack, helping enterprises meet OSS license compliance obligations without sacrificing development velocity.
  • Enhanced Release Integrity Detection: Block malicious open source at the door with improved AI and ML-driven malicious package detection in Sonatype Repository Firewall.


“In today’s rapidly evolving digital landscape, organizations are in a continuous innovation cycle to retain their competitive edge, making speed paramount to success. That means software developers not only serve as a business-critical function to drive innovation and revenue, but also play a crucial role in fortifying ecosystems against relentless cyber threats,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “With this enhanced product functionality, Sonatype is enabling developers and engineering teams to accelerate productivity without sacrificing security. Teams can identify and mitigate risk earlier, innovate faster, and develop software fearlessly.”

Sonatype’s groundbreaking software supply chain management platform empowers customers to rapidly create, deploy, and maintain innovative software at scale. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to be ambitious, move fast and do it securely.

“Sonatype is continually recognized for its forward thinking, industry-leading approach to software supply chain security,” said Alex Berry, President at Sonatype. “We’re proud to offer best-in-class, cutting-edge security solutions that exceed the evolving needs of our customers, and are thrilled for what’s to come.”

To learn more about Sonatype’s new product enhancements, visit the Sonatype blog.

Sonatype is the software supply chain management company. Recognized by globally renowned analysts as a leader in the industry, Sonatype enables organizations to innovate faster in a highly competitive market. We allow engineers to develop software fearlessly and focus on building products that power businesses. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 145,000 malicious components from entering developers’ code. Enabling high-quality, secure software helps organizations meet their business needs and those of their customers and partners. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on our tools and guidance to be ambitious, move fast and do it securely. To learn more about Sonatype, please visit www.sonatype.com.