Forrester Recognizes Sonatype as a Market Leader in Software Composition Analysis

This week, independent analyst firm Forrester released its The Forrester Wave™: Software Composition Analysis (SCA), Q3 2021, following an in-depth evaluation of 10 SCA solutions. We’re extremely happy to announce that Sonatype’s Nexus platform was recognized as a market leader and strong performer, with the largest market presence amongst all companies analyzed.

This is an achievement we’re quite proud of. It highlights the incredible work our team has done in building a solution that automates all parts of software supply chain security with an emphasis on open source security. More importantly, it showcases how vital it is for organizations to have total control of their cloud-native development lifecycles, including third-party open source code, first-party source code, infrastructure as code (IaC), and containerized code.

You can get the full report or continue reading for some of our key takeaways and what we’ve been working on at Sonatype. 

Stellar Policy Management, Underpinned by Precision Data 

Forrester notes Sonatype’s superior policy capabilities and license and vulnerability remediation as key reasons for our success. According to the report:

“Policy is an area of strength for Sonatype, with out-of-the-box policies that align to a range of standards (particularly in the IaC pack) and a policy engine that allows users to create and assign policies to certain types of applications.” 

Core to who we are is giving organizations control of their code and the code that makes it into production applications. Across the Nexus platform, customers can create custom security, license, and architectural policies based on application type or organization and contextually enforce those policies across every stage of the software development life cycle.

But our policy management is only as good as our data. Precision matters. We pride ourselves on having the most expansive, most in-depth and most actionable database of open (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Brent Kostak. Read the original post at: https://blog.sonatype.com/forrester-recognition-market-leader-in-software-composition-analysis