Sonatype Named a Leader in the 2026 Gartner® Magic Quadrant™
Sonatype · 2026-06-19 · via Press Releases

Recognized for Completeness of Vision and Ability to Execute

Fulton, Md. – June 18, 2026 – Sonatype®, the global leader in accelerating agentic software development with confidence, today announced it has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Software Supply Chain Security.

Modern applications are assembled from open source components, third-party packages, containers, AI-generated code, models, and dependencies moving through development pipelines at machine speed. In our view, that shift has created a simple problem with enterprise-scale consequences: security cannot wait until after the build.

“AI is fundamentally changing how enterprises develop software, and the organizations that will lead in this next era are the ones that can innovate without losing control,” said Bhagwat Swaroop, CEO of Sonatype. “Software supply chain security must be treated as a core part of how enterprises govern innovation, manage risk, and ship trusted software at scale. We believe being named a Leader in the 2026 Gartner® Magic Quadrant™ for Software Supply Chain Security reflects Sonatype’s role in helping customers build that foundation for the AI era.”

Unlike approaches focused mainly on finding problems after software is built, the Nexus One platform gives enterprises one control plane for software assembly. Powered by two decades of Maven Central stewardship and Nexus IQ intelligence, Nexus One encompasses:

  • Nexus Repository, a verified system of record for developers and agents to build from, helping teams standardize the open source, packages, and artifacts entering development.
  • Firewall, a protected front door that blocks malicious, vulnerable, and non-compliant components before they enter development, stopping risky dependencies before they become rework or exposure.
  • Guide, an AI-powered solution that helps developers and agents choose safer packages, dependencies, and models, so AI-assisted development moves quickly without relying on guesswork.
  • Lifecycle, a policy and remediation engine that prioritizes and helps fix the risks that matter most, reducing noise and focusing developer effort without slowing delivery.
  • SBOM Manager, the evidence layer that proves what is inside every application, helping compliance, auditability, and software transparency keep pace with modern development.

Together, these capabilities help enterprises approve, block, guide, remediate, and document software decisions across the SDLC, giving developers and AI agents a safer path to build from and giving leaders confidence in what ships.

“Development organizations are under pressure to move faster than ever, but speed only creates value when teams can trust what their AI tools produce,” said Mitchell Johnson, Chief Product Development Officer at Sonatype. “Developers and AI agents are making dependency decisions continuously, and traditional review models were not built for that pace. Sonatype helps engineering teams automate trusted decision-making so they can choose safer components, block risky ones, eliminate rework, and realize the full benefit of AI-powered development.”

Sonatype is particularly well suited for the Fortune 500, specifically regulated industries, organizations building software at scale, and teams adopting AI-assisted development. Today, Sonatype helps millions of developers and thousands of enterprises build software with confidence.

*Gartner, Magic Quadrant for Software Supply Chain Security, Aaron Lord, Johnny Walters, Jason Gross, 18 June 2026

GARTNER and MAGIC QUADRANT are trademarks of Gartner, Inc. and/or its affiliates.

Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

About Sonatype

Sonatype is the company that accelerates agentic software development with confidence. Trusted by thousands of enterprises and millions of developers, Sonatype helps organizations build with confidence by governing the open source, AI-generated, and third-party components that power modern software. As the steward of Maven Central and the company behind Nexus Repository, Sonatype provides unmatched visibility into how software is built, consumed, and secured — helping teams move faster, reduce risk, and ship software with confidence at AI scale. To learn more about Sonatype, please visit www.sonatype.com.