惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
F
Fortinet All Blogs
Vercel News
Vercel News
C
Check Point Blog
P
Privacy International News Feed
Know Your Adversary
Know Your Adversary
Google DeepMind News
Google DeepMind News
T
Troy Hunt's Blog
TaoSecurity Blog
TaoSecurity Blog
I
Intezer
T
The Exploit Database - CXSecurity.com
Security Archives - TechRepublic
Security Archives - TechRepublic
H
Hacker News: Front Page
P
Proofpoint News Feed
GbyAI
GbyAI
Engineering at Meta
Engineering at Meta
Attack and Defense Labs
Attack and Defense Labs
S
Security @ Cisco Blogs
IT之家
IT之家
D
DataBreaches.Net
Hacker News: Ask HN
Hacker News: Ask HN
SecWiki News
SecWiki News
Y
Y Combinator Blog
Project Zero
Project Zero
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
Lohrmann on Cybersecurity
T
Tenable Blog
大猫的无限游戏
大猫的无限游戏
L
LINUX DO - 最新话题
G
Google Developers Blog
The GitHub Blog
The GitHub Blog
Recorded Future
Recorded Future
有赞技术团队
有赞技术团队
Martin Fowler
Martin Fowler
K
Kaspersky official blog
PCI Perspectives
PCI Perspectives
A
Arctic Wolf
Latest news
Latest news
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
雷峰网
雷峰网
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Google Online Security Blog
Google Online Security Blog
P
Palo Alto Networks Blog
The Hacker News
The Hacker News
WordPress大学
WordPress大学
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
月光博客
月光博客
Schneier on Security
Schneier on Security
M
MIT News - Artificial intelligence

Press Releases

Sonatype Strengthens Leadership Team for AI-Driven Growth Sonatype Firewall Extends Malicious Package Protection Sonatype and Package Registry Leaders Unite on OS Sustainability Sonatype Releases Q1 2026 Open Source Malware Index AI Grounded in Intelligence Delivers Safer Outcomes | Sonatype Sonatype Research Reveals Open Source Malware Grows 75% Sonatype Introduces Guide for Secure Agentic Development CVE Program Leaves Vulnerabilities Unscored | Sonatype Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform Sonatype Grand Opening of India Innovation Hub in Hyderabad Announcing 2025 Elevate Award Winners & Finalists | Sonatype Open Source Malware Surges in Q3 as Attackers Target Dependencies Sonatype Named Visionary in 2025 Gartner® Magic Quadrant™ for AST Sonatype Launches Nexus Repository Cloud in the AI Era | Sonatype
Sonatype Named a Leader in the 2026 Gartner® Magic Quadrant™
Sonatype · 2026-06-19 · via Press Releases

Recognized for Completeness of Vision and Ability to Execute

Fulton, Md. – June 18, 2026 Sonatype®, the global leader in accelerating agentic software development with confidence, today announced it has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Software Supply Chain Security.

Modern applications are assembled from open source components, third-party packages, containers, AI-generated code, models, and dependencies moving through development pipelines at machine speed. In our view, that shift has created a simple problem with enterprise-scale consequences: security cannot wait until after the build.

“AI is fundamentally changing how enterprises develop software, and the organizations that will lead in this next era are the ones that can innovate without losing control,” said Bhagwat Swaroop, CEO of Sonatype. “Software supply chain security must be treated as a core part of how enterprises govern innovation, manage risk, and ship trusted software at scale. We believe being named a Leader in the 2026 Gartner® Magic Quadrant™ for Software Supply Chain Security reflects Sonatype’s role in helping customers build that foundation for the AI era.”

Unlike approaches focused mainly on finding problems after software is built, the Nexus One platform gives enterprises one control plane for software assembly. Powered by two decades of Maven Central stewardship and Nexus IQ intelligence, Nexus One encompasses:

  • Nexus Repository, a verified system of record for developers and agents to build from, helping teams standardize the open source, packages, and artifacts entering development.
  • Firewall, a protected front door that blocks malicious, vulnerable, and non-compliant components before they enter development, stopping risky dependencies before they become rework or exposure.
  • Guide, an AI-powered solution that helps developers and agents choose safer packages, dependencies, and models, so AI-assisted development moves quickly without relying on guesswork.
  • Lifecycle, a policy and remediation engine that prioritizes and helps fix the risks that matter most, reducing noise and focusing developer effort without slowing delivery.
  • SBOM Manager, the evidence layer that proves what is inside every application, helping compliance, auditability, and software transparency keep pace with modern development.

Together, these capabilities help enterprises approve, block, guide, remediate, and document software decisions across the SDLC, giving developers and AI agents a safer path to build from and giving leaders confidence in what ships.

“Development organizations are under pressure to move faster than ever, but speed only creates value when teams can trust what their AI tools produce,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “Developers and AI agents are making dependency decisions continuously, and traditional review models were not built for that pace. Sonatype helps engineering teams automate trusted decision-making so they can choose safer components, block risky ones, eliminate rework, and realize the full benefit of AI-powered development.”

Sonatype is particularly well suited for the Fortune 500, specifically regulated industries, organizations building software at scale, and teams adopting AI-assisted development. Today, Sonatype helps millions of developers and thousands of enterprises build software with confidence.

*Gartner, Magic Quadrant for Software Supply Chain Security, Aaron Lord, Johnny Walters, Jason Gross, 18 June 2026

GARTNER and MAGIC QUADRANT are trademarks of Gartner, Inc. and/or its affiliates.

Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

About Sonatype

Sonatype is the company that accelerates agentic software development with confidence. Trusted by thousands of enterprises and millions of developers, Sonatype helps organizations build with confidence by governing the open source, AI-generated, and third-party components that power modern software. As the steward of Maven Central and the company behind Nexus Repository, Sonatype provides unmatched visibility into how software is built, consumed, and secured — helping teams move faster, reduce risk, and ship software with confidence at AI scale. To learn more about Sonatype, please visit www.sonatype.com.