Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Sonatype of the it-sa 365
default Stage Background

Hall 7 - Booth Number 7-153


Automate software supply chain security to accelerate developer innovation.

About us






We offer

  • Open source (software and services)
  • Firewalls
  • Application security
  • Vulnerability and patch management
168 Shoreditch High Street
E16HU London
United Kingdom

About us

More than 1,500 enterprises and 15 million software developers rely on Sonatype to accelerate innovation while improving application security. Our developer-friendly and comprehensive platform gives organizations complete control over the cloud-native development lifecycle, including: - First-party source code (code written in-house). - Third-party open source code (code you borrow) - Infrastructure as code - Containerized code The Nexus platform combines deep component intelligence with real-time remediation guidance to automate and scale open source governance at every stage of the modern DevOps pipeline. Our machine learning engine (Nexus Intelligence) has analyzed more than 70 million open source libraries, and we continuously share this information with our customers so they can make better innovation decisions early and everywhere in the development lifecycle. DevOps teams eliminate friction associated with manual governance and deliver secure software faster than ever before - keeping everyone happy: Developers, security professionals, and IT ops. For developers: - Accurate and actionable feedback to fix bugs during code reviews. - Early scanning of manifests to identify open source risks early. - Integration with development tools to increase adoption and usage (SCM, IDEs, Jira, etc.) - Automated dependency management for direct and transitive dependencies. For security professionals: -Flexible policy engine -Scan binaries originating from public repos and prevent them from entering the software supply chain. -Scan the application as deployed (binary) to identify mutated (or modified) components through partial matching.
  ... read more


show more
Remember Remove

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.