Trust
Security & compliance
The vendor hasn’t added security or compliance details yet.
Sonatype provides software supply chain management and SCA tools including Nexus Repository and Sonatype Lifecycle for managing open-source security and compliance.
Pricing
$175+ / year
Founded
2008
Team size
501-1,000 employees
Headquarters
Fulton, Maryland
At a glance
Pricing model
Try before you buy
Integrates with
Sonatype provides a comprehensive software supply chain management platform that helps organizations govern the use of open-source and AI components. The platform includes Nexus Repository for artifact management and Sonatype Lifecycle for policy-based SCA.
Key features include real-time vulnerability intelligence from a curated database, automated policy enforcement, SBOM management, malicious package detection, and CI/CD integration. The Nexus Repository is used by millions of developers worldwide.
Sonatype serves development and security teams across enterprises that need to manage open-source risk and ensure compliance with software supply chain security requirements.
Structured facts from the vendor to help your security, finance, and procurement reviews move faster.
Trust
The vendor hasn’t added security or compliance details yet.
Pricing
Pricing model: Tiered plans
Free trial: Yes
Free plan: Yes
Contract minimum: Not specified
Procurement
The vendor hasn’t added purchasing & legal details yet.
Fit
Company-size fit has not been specified yet.