Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Sonatype Nexus is Rising Above the Swamp

December 16, 2019 By Matt Howard

In case you missed it -- our rival JFrog published this blog post on Thursday.  Amidst the hyperbole, JFrog made a few statements that are true, and numerous that are rooted in fear mongering, falsehoods and gimmicky marketing tactics.  Please, allow me to explain.

Facts from JFrog About Sonatype Nexus.

JFrog states, "If you’ve been around in DevOps and DevSecOps for a while, you know that Nexus and Artifactory have been fierce competitors in the repository space. Sonatype had its roots in the Java and Maven space, and built on that success as “the Maven guys” for many years as they expanded their repository solutions.  Recently, Nexus shifted focus to DevSecOps and security aspects of their offering."

Yes.  It’s true.  We’ve been competing head-to-head with JFrog for years -- and we continue to compete with them today.  Make no mistake, on the commercial front, JFrog has been formidable. However, on the open source community front, they have been largely absent.  Conversely, as acknowledged by JFrog, Sonatype has long been steadfast supporters of our fellow engineers in the community. Our founders served as core contributors to Apache Maven.  We’ve long maintained Maven Central and we serve billions of components annually to developers around the world.  Lastly, we founded and actively maintain the Nexus Repository Manager project which has evolved into the world’s most popular binary repository manager with FREE support for all formats.

Separately, as stated by JFrog, it’s true that Sonatype has been actively expanding the Nexus platform beyond traditional repository manager features.  Specifically, we’ve pioneered the concept of software supply chain automation and have delivered innovative policy controls to enable engineering teams to automatically find and fix open source vulnerabilities early and everywhere across the DevOps pipeline.

Fiction from JFrog About Sonatype and Vista.

JFrog states,“Vista, the company that acquired Sonatype has a long history of buying and flipping companies. Savvy observers may wonder how much a financial company will invest in features and upkeep of the Nexus technology. It’s a complete unknown, and until direction is clear we are proud to be a safe landing pad for Sonatype customers looking for a repository and security solution that has a clear vision, roadmap, and future for their pipelines. We offer migration tools to help you move seamlessly from Docker or Nexus to JFrog Artifactory.”

In every growing software market, industry leaders attract interest from strategic investors seeking to accelerate growth. This, of course, is exactly why Vista was attracted to Sonatype.

We’re proud of the business that we’ve built over the years.  That said, we still have a long way to go to reach our full potential.  So, after much reflection, we decided that we wanted to reach the “next level” as an independent entity -- not tucked inside of some monolithic software vendor.  Our motivation in aligning with Vista was simple -- we wanted to continue to innovate and grow in support of our customers. Unique among growth stage investors, Vista employs more than 70,000 people and has more than $52 billion in committed capital.  They have a long term and strategic perspective, and are exclusively focused on partnering with world-class management teams to grow enterprise software, data, and technology-enabled organizations. Contrary to JFrog’s hyperbolic claims, our direction is quite clear. As such, savvy industry observers will not wonder about the future of the Nexus platform, rather they will reflect on Vista’s impressive track record of building great software companies — and they will know that Nexus will remain rock solid for years to come.

The Future of Nexus is Rock Solid.

Different from JFrog, we believe that facts speak for themselves.  That’s why we invite you to see for yourself why so many people prefer Nexus to JFrog Artifactory.  You can also try Nexus Repository Manager for FREE and see a side-by-side comparison between Nexus Repository Manager and JFrog Artifactory.

Artifactory vs. Nexus

As we head into 2020, the Nexus platform will continue to grow and expand alongside a powerful new strategic partner and the competition between Nexus and JFrog Artifactory will remain vibrant and energetic as the market for DevOps continues to mature.

Tags: Nexus vs. Artifactory, Nexus Repository, jfrog, featured, News and Views, Product

Written by Matt Howard

Matt is a proven executive and entrepreneur with over 20 years experience developing high-growth software companies, at Sonatype, he leads corporate marketing, strategic partnering, and demand generation initiatives.