ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

Sonatype Unveils Nexus One: An AI-Native DevSecOps Platform to Secure and Accelerate Software Innovation

By: via GlobeNewswire

Fulton, Md., Nov. 19, 2025 (GLOBE NEWSWIRE) -- Sonatype®, the leader in AI-driven DevSecOps, today announced the launch of Nexus One, a single, agentic software supply chain infrastructure unifying open source intelligence, governance, and automation across enterprise software development. Nexus One is the system of record for software artifacts, delivering real-time open source software (OSS) intelligence, proactive risk protection, and agentic automation for dependency management.

“With Nexus One, we’re bringing together Sonatype’s strengths into a cloud-first, developer-centric, and AI-native platform that helps our customers innovate securely in the era of gen AI,” said Bhagwat Swaroop, CEO of Sonatype. “Nexus One isn’t just part of the toolchain, it’s the control layer that enterprises depend on to build, govern, and secure software at scale. We’re redefining what a modern agentic DevSecOps platform can be: intelligent, unified, and future-ready.” 

As generative AI accelerates software pipelines, organizations face mounting challenges securing both human and machine-generated code that are primarily composed of open source components. Traditional governance tools can’t keep up especially while open source malware continues to increase in scale and sophistication

Nexus One is powered by the industry’s most comprehensive OSS intelligence, ensuring that every component and application is safe, compliant, and ready to scale. Designed to integrate seamlessly into developers’ workflows, Nexus One provides full-spectrum control across the software development lifecycle from component selection to deployment and continuous monitoring in-between. The platform connects the capabilities that matter most for secure, efficient development:

  • AI Visibility and Governance: Identifying, managing, and ensuring the safety of AI/ML models used in application development. 
  • Malware Defense: Continuous ML-driven behavioral analysis to detect and block malicious components.
  • Dependency Management and Remediation: Automates risk identification and compliance at scale.
  • SBOM Governance: Simplifies visibility and auditability across complex, multi-source codebases.
  • Secure Artifact Management and Workflow Automation: Sonatype Nexus Repository integrates seamlessly into CI/CD pipelines, developer tools, and cloud environments.

With the broadest visibility in the industry, Nexus One is built on more than 15 years of curated OSS intelligence, including proprietary security research and data sources such as Maven Central and the OSS Index, as well as AI-powered risk discovery and ML-driven analysis of more than 270 million open source components. Sonatype sees 70% more open source vulnerabilities than alternative sources, provides 10x faster insights than the National Vulnerability Database, and achieves 30% faster mean time to remediate compared to industry averages.  

Nexus One marks a new chapter in software governance where development and security share the same intelligence, automation, and visibility. By unifying open source and AI workflows, Sonatype gives teams the clarity to build faster with less rework and the confidence to ship securely. 

To learn more about Nexus One, visit http://www.sonatype.com/products/nexus-one-platform.

About Sonatype 
Sonatype is the leader in AI-driven DevSecOps. As the maintainers of Maven Central and creators of Nexus Repository, Sonatype has spent two decades pioneering how the world manages and secures open source software — making Sonatype the trusted authority for modern software supply chains. With unmatched open source visibility and a unified product suite built for modern software development, Sonatype gives enterprises the intelligence and automated governance they need to harness the full potential of open source and AI. Sonatype handles the complexity behind the scenes: guiding component and model selection, blocking harmful malicious code, automating dependency and vulnerability management, and ensuring faster, more reliable builds — so developers spend more time on innovation and less time on remediation and rework. Trusted by more than 15 million developers, Sonatype helps power secure, modern software development at nearly 2,000 global organizations including 70% of the Fortune 100. To learn more about Sonatype, please visit www.sonatype.com.


Megan Schmidt
Sonatype
press@sonatype.com

Recent Quotes

View More
Symbol Price Change (%)
AMZN  220.69
+3.55 (1.63%)
AAPL  271.49
+5.24 (1.97%)
AMD  203.78
-2.24 (-1.09%)
BAC  51.56
+0.56 (1.10%)
GOOG  299.65
+9.67 (3.33%)
META  594.25
+5.10 (0.87%)
MSFT  472.12
-6.31 (-1.32%)
NVDA  178.88
-1.76 (-0.97%)
ORCL  198.76
-11.93 (-5.66%)
TSLA  391.09
-4.14 (-1.05%)
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the Privacy Policy and Terms Of Service.
© 2025 FinancialContent. All rights reserved.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.