Sonatype named leader in software analysis by Forrester

Wed, 20th Nov 2024

Sonatype has been recognised as a leader in the Software Composition Analysis category by independent research firm Forrester.

The Forrester Wave: Software Composition Analysis Software, Q4 2024 report highlights Sonatype's ranking, which is based on its performance in the "Current Offering" and "Strategy" categories among top vendors in the field.

Forrester evaluated 10 leading software composition analysis (SCA) providers, and Sonatype achieved high scores on several criteria, including malicious package detection, SBOM generation and management, and AI-driven component analysis.

The report stated, "Sonatype is a trailblazer for detection of inner-source and associated transitive dependencies to efficiently manage internal shared components. Sonatype's vision of blocking software supply chain attacks at the network firewall and endpoint protection systems is revolutionary. Sonatype is an excellent choice for enterprises looking to manage dependency, license, operational, and malicious package risk across the portfolio."

Sonatype's platform integrates enterprise-grade SCA tools with Nexus Repository, open source malware protection, automated dependency management, and complete SBOM management. This integration offers an end-to-end software supply chain management platform, with a focus on enhancing the security and efficiency of software development processes.

A finding from Sonatype's 2024 State of the Software Supply Chain Report indicates that 80% of application dependencies remain un-upgraded for more than a year. This highlights the challenges enterprises face in managing software dependencies and the risks that come with them.

Mitchell Johnson, Chief Product Development Officer at Sonatype, commented: "With the scale of open source and AI accelerating software development, managing dependencies and risk becomes exponentially more difficult. This is why Sonatype's approach to SCA with automated dependency management is so powerful, helping enterprises speed up software development while managing risks effectively. We believe our continued innovation has led to this recognition. We are delighted to be named a Leader in SCA software by Forrester, which to us recognises our vision and unwavering commitment to helping customers secure their software supply chains."

The report also credited Sonatype for its forward-thinking vision and roadmap strategies, granting it the highest possible scores in these categories. It noted, "The stellar roadmap includes SBOM sharing, regulation-specific templates, SBOM and supplier quality scoring, AI/ML supply chain coverage, and AI BOM management."
