Sonatype Closes $30 Million Financing

February 04, 2016 By Wayne Jackson


At Sonatype, we know that two things are true:

  1. Security, quality, and speed are critical to modern software (business) success, and
  2. The world’s best software starts with the world’s best components.

That’s precisely why our Nexus Software Supply Chain Automation solutions automatically and continuously infuse the highest quality components into every aspect of software development lifecycles.

It’s also why we’re excited to announce a $30 million financing led by Goldman Sachs Principal Strategic Investments Group, with full participation from our existing investors, New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures and Bay Partners.

Clearly, this is a watershed event for our company. Therefore, I wanted to take a few minutes to reflect on the past, present, and future of our industry.

Separately, I wanted to share some key statistics highlighting our progress thus far.

Software Development Past

In 1983, Richard Stallman created GNU, the world’s first open source project. This one event set into motion a wave that would eventually transform the discipline of software engineering from a manual process involving “coding on keyboards” to an automated process involving the “assembly of prefabricated component parts”.

Today, this wave is known as open source software manufacturing, and it literally represents the greatest innovation wave in the history of the world. Its tremendous energy is fueled by an enormous volume and variety of reusable parts. Furthermore, this wave has a familiar motion that closely resembles how physical goods, like automobiles, are manufactured.

But the wave is not invincible. Its two big weaknesses are (1) parts are not created equal, and (2) parts age and grow stale quickly.

Software Development Present

Faced with intense pressure to deliver high quality and secure software faster than ever, today’s development organizations need tools to make it automatically obvious what parts within the wave are good, and what parts are not. Furthermore, they require the ability to track and trace in real time the precise location of every part throughout the entire software supply chain.

Without such tools, development organizations are forced to surf this powerful wave while blindfolded. Inevitably, mistakes are made and these organizations fall into shark-infested waters where they face a variety of threats including restrictive licenses, security vulnerabilities, and downright waste due to significant amounts of unplanned work and excessive context switching.

Software Development Future

As software development leaders around the world continue to grapple with intense demands for security, quality, and speed, they are simultaneously embracing our Nexus Software Supply Chain Automation tools. Today, more than 90,000 organizations around the world use:

  1. Nexus Repository to efficiently organize and manage components
  2. Nexus Firewall to automatically protect themselves from undesirable components
  3. Nexus Lifecycle to continuously monitor components across their entire supply chain

Going forward, this number will continue to grow, because the bottom line is this: with Sonatype on their side, organizations improve software security, quality, and speed, and benefit from a smooth and fast ride on the open source innovation wave.

Some Key Stats

  • Last year, developers requested more than 30 billion components from our Central Repository to manufacture the software applications that run the world.
  • Today more than 90,000 organizations use Sonatype’s Nexus solutions to manage reusable components and improve the security, quality and speed of their software development lifecycles.
  • Strong YoY growth in Nexus Repository market share is driven by universal support for language formats including Maven, Docker, NPM, Bower, RubyGems and NuGet.
  • 1 in 14 components downloaded to a repository manager is marked by a known security vulnerability. This fact is driving solid adoption of our Nexus Firewall solution.
  • The rapid emergence of DevOps is driving demand for Nexus Lifecycle because it is the world’s only component intelligence solution fast enough to keep pace.
  • Our customers love our products as evidenced by our best-in-class customer retention rate.

Thank You

Our current momentum would not be possible without the support of our valued customers, trusted partners, and dedicated employees. And, I especially want to thank Brian Fox, Sonatype co-founder and VP Product Management, whose insight, leadership, and perseverance over the years have been critical to our success.

Finally, and most importantly, I want to thank the 90,000 active organizations and their developers that make up the Nexus community and our growing ecosystem of technology partners for believing in and supporting us. Together, we will continue to revolutionize how software is built.

Learn More about Sonatype

https://www.youtube.com/watch?v=6lKIQaX7qQ0


Tags: Sonatype Nexus, Software Supply Chain, bill of materials (of 3rd party and open source co, repository management, Software supply chain management

Written by Wayne Jackson

Wayne is the CEO of Sonatype, a role he has held since 2010. Prior to Sonatype, Wayne served as the CEO of open source network security pioneer Sourcefire, Inc. (NASDAQ:FIRE), which he guided from fledgling start-up through an IPO in March of 2007, later acquired by Cisco for $2.7 billion. Before Sourcefire, Wayne co-founded Riverbed Technologies, a wireless infrastructure company, and served as its CEO until the sale of the company for more than $1 billion in March of 2000.