
Location
Headquarters: Fulton, Maryland, United States, North America
Region: Maryland
Country: US
Continent: North America
About
Sonatype provides intelligence and automated governance to accelerate secure software development, focusing on open source components and AI-enabled workflows. It offers tools and solutions to manage software supply chains, including artifact repositories, open source security and dependency management, malware protection, SBOM management, and AI-assisted guidance. The company serves developers, DevOps teams, and security professionals, with global deployments and solutions spanning government, financial services, technology, healthcare, and manufacturing. Headquartered near Fulton, Maryland, Sonatype emphasizes shift-left security and governance to help teams ship code faster and safer.
Sonatype provides software supply chain management solutions that help organizations secure their development lifecycle through open-source component governance and repository management. Its platform includes Nexus Repository Manager for artifact storage, Nexus Lifecycle for vulnerability identification, and Nexus Intelligence for risk insights. The company serves developers and security teams ac
Sonatype Inc.
2008
for_profit
active
Industries
Primary Industry: Software
Categories
Funding & Financials
Private Equity
145000000
50m-100m
private
Investors
Founders
Brian Fox
Jason van Zyl
Leadership
Dave Miller — Chief Financial Officer
Brian Fox — CoFounder and Chief Technology Officer
Maury Cupitt — Regional VP, Sales Engineering - Americas
Thomas DuBuisson — Principal Engineer
Bhagwat Swaroop — Chief Executive Officer
Sanika Sudhalkar — Engineering Manager
Wai Man Yau — General Manager International
Technology Stack
Products
Repository Firewall: A software supply chain security tool that intercepts malicious open source components using AI-powered behavioral analysis to prevent malware attacks.
Nexus Repository: A centralized repository manager for storing, managing, and distributing software components and binaries to support repeatable builds and development workflows.
Lifecycle: A software composition analysis tool that monitors open source component health and policy compliance throughout the software development lifecycle.
SBOM Manager: A tool for managing software bill of materials (SBOM) and ensuring compliance with procurement, regulatory, and security requirements at scale.
Funding rounds
Acquired · (2019-11-18)
Private Equity · $80M · (2018-09-07) · Lead: TPG
Private Equity · $30M · (2016-02-03) · Lead: Goldman Sachs Growth Equity
Connect
Connect
Open positions
No open positions at the moment. Check back later or browse all jobs.
Browse all jobs