Sonatype Named a Leader in Software Composition Analysis (SCA) by Independent Research Firm


Sonatype Receives the Highest Current Offering Category Score Among the 12 Most Significant SCA Providers

Fulton, Md., June 16, 2023 (GLOBE NEWSWIRE) — Sonatype, the pioneer of software supply chain management, is pleased to announce that it has been recognized as a Leader in The Forrester Wave™: Software Composition Analysis, Q2 2023. Sonatype received the highest score in the current offering category in the report, which identifies the 12 most significant software composition analysis (SCA) providers, and received the highest possible scores in 16 criteria.

According to the report, “Sonatype’s differentiated innovation strategy includes security, developers, operations, and legal personas and prevents next-generation supply chain attacks. The superior vision to provide one platform available in the cloud or self-hosted is backed by a roadmap that includes improving developer experience with enhanced prioritization and remediation capabilities as well as applying ML/AI to speed up detection, reduce remediation time, and predict new types of attacks.” The report also notes, “Strong customer relationships give Sonatype its edge.”


“We’re extremely proud to be named by Forrester as a leader among the top vendors in the SCA market,” said Alex Berry, President at Sonatype. “We believe this recognition not only highlights the continued progression of our platform, but also our commitment to our customers and their success. Software supply chain management plays a pivotal role in driving digital transformation – and we think this shows that Sonatype is the best solution provider in the market for SCA.”

Comprising Sonatype Repository Firewall, Sonatype Nexus Repository, and Sonatype Lifecycle, Sonatype’s groundbreaking software supply chain management platform empowers customers to rapidly create, deploy, and maintain innovative software at scale directly aligned to their business needs. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype’s tools and guidance to be ambitious, move fast and do it securely.

Additional Resources: 

  • Download The Forrester Wave™: Software Composition Analysis, Q2 2023 here
  • Explore The Sonatype Platform 
  • Learn more about SCA on the Sonatype Blog 
  • Scan your application for open source vulnerabilities now

About Sonatype 
Sonatype is the software supply chain management company. Recognized by globally renowned analysts as a leader in the industry, Sonatype enables organizations to innovate faster in a highly competitive market. We allow engineers to develop software fearlessly and focus on building products that power businesses. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 115,000 malicious malware components from entering developers’ code. Enabling high-quality, secure software helps organizations meet their business needs and those of their customers and partners. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on our tools and guidance to be ambitious, move fast and do it securely. To learn more about Sonatype, please visit

CONTACT: Nicole Lavella Sonatype 703-403-7066 [email protected] 

Disclaimer: The above press release comes to you under an arrangement with GlobeNewswire. takes no editorial responsibility for the same.