In our last article with Sonatype Chief Marketing Officer Matt Howard, we discussed how open source software development has helped companies in all industries answer the continual demand for newer and better product solutions, and how Sonatype’s software supply chain management suite can help companies mitigate the very real risks of using software parts drawn from an unfathomable number of sources.

Meanwhile, the amount of open source software out there is rapidly increasing, with hundreds of billions of components downloaded in the last year. Doing what Sonatype does to help companies manage the components they need and identify security vulnerabilities in them is a similarly gargantuan task.

And yet, as the rest of our conversation with Mr. Howard makes clear, this work is part of the recipe that has generated a particularly successful year of growth at Sonatype, which included an $80 million investment from TPG, one of the world’s top 10 private equity firms, and winning this year’s Emerging Growth Company of the Year award.

Read on for more of our conversation with Mr. Howard to learn how Sonatype achieved such impressive growth and how it has geared itself up to keep pace with the ever-expanding universe of open source software. He also shares how the company hopes to harness that energy to keep growing well into the future.


Corporate Growth, Capital Style (CGCS): Sonatype won ACG National Capital’s Emerging Growth Company of the Year award. Especially in such a competitive field, achieving such organic growth is a remarkable achievement. How has the company’s growth strategy set Sonatype up to not only attract new business, but to retain existing clients so well?

Matt Howard: In short – continuous innovation, listening to the market, and recognizing customer needs. We recognize that we need to constantly push the boundaries and provide our customers value that they can’t find anywhere else, in order to fully capitalize on the opportunity before us. This understanding is what drives the entire company to deliver first-to-market product innovations.  

We’ve built our internal culture in a way that allows the team to focus on the customer and understanding the market. From a remote work environment that gives employees built-in flexibility and responsibility that doesn’t come with co-located models, to tiny teams that break the larger organization into teams of 3 or 4, to dedicated innovation time, our culture is a key part of our strategic growth strategy.

Furthermore, with our origins in open source – or collaborative, community coding – we understand the importance of being an active community member – and honoring those roots. We’ve founded All Day DevOps, a free developer community conference and training forum of over 65,000 IT professionals. Through this, Sonatype provides online training, free to anyone, and creates a safe haven for conversation.

Similarly, we continue to provide valuable tools and information to the community for free. The company’s free OSS version of its original product – Nexus Repository – is a staple within the industry and makes it possible for young companies or individual developers to get started with best-in-class tools, without having to be inhibited by a price tag. We’ve also created free developer-friendly security solutions like Sonatype Nancy, Sonatype Goalie, GitHub integrations, and OSS Index to help organizations build more secure code bases.

We believe we’ve built a strong company and instilled the vision of continuous innovation in everyone, to continue on this incredible growth path. 

CGCS: Let’s talk about the TPG-led investment of $80 million in the company last year.

Matt Howard: That was an incredible milestone for our business – a milestone most companies never reach. It’s also a testament to the outstanding team we have assembled, the rapidly scaling business we have created, and the innovative open source governance solutions we have introduced to the market.

CGCS: Why was it the right time for the company to pursue this type of investment? What is happening in the market that is so critical and had to be capitalized on?

Matt Howard: We know software is the last path to differentiation in every industry.  It’s being developed faster than ever before and is being continuously delivered into production faster than traditional IT organizations can manage. In this new normal, developers are king, open source is everywhere, apps live in public clouds, perimeters have largely dissolved, and software applications must be secure by default.

Unfortunately, the incredibly rapid proliferation of open source makes this really, really hard. At Sonatype, we literally monitor millions of open source commits per day.  Last year hundreds of billions of components were downloaded by software developers, 10 percent of which had known security defects. The problem is only getting bigger and we’re here to solve it. 

We believe that developers are committed to building secure software. However, they need the right information to do so. That’s why, over the past several years, we’ve uniquely engineered our Nexus platform to empower both software developers and application security professionals to harness, at scale, all of the good that open source has to offer while minimizing the risk. 

CGCS: How will the funds from the TPG investment factor into these efforts?

Matt Howard: In terms of how we’re using the funds, while we already had a very strong balance sheet, the funds raised in our financing provided us with additional capital to build a truly unique software enterprise.  We’re using this capital to continue doing what we have already been doing, just with greater ability to hire exceptional talent, accelerate sales and marketing investments, scale customer success, increase R&D, and expand our Nexus platform offerings.

CGCS: Why was TPG the right partner for this venture? What do they bring to the team that will be valuable going forward?

Matt Howard: For a rapidly growing business like ours – there are numerous opportunities to tap capital markets.  TPG, however, isn’t just another investor. They are among the top 10 private equity firms in the world and they work in a broad range of sectors like financial services, IT and communication technology, healthcare, media and entertainment, etc. This makeup has already unlocked incredible opportunities and we’re excited to see the continued potential for us in the years to come. 

CGCS: Where do you see Sonatype going in the future? Will the company continue to pursue an organic growth strategy or will it consider acquisitions or other means for growth?

Matt Howard: We’re only going to continue to grow. The market is primed and we believe we’re bringing value to the industry in a way that no one else can.  When businesses are differentiating themselves upon software experiences, our focus of helping development organizations deliver the highest quality and most secure solutions will continue to experience strong demand. 

We’ve helped deliver significant improvements across our enterprise customer base and we have also built a positive, long-standing reputation with the software development community that we serve.  At Sonatype, we recognize that our software supply chain automation solutions have made an impact, but we are not resting on the laurels of our past successes. We realize that we are in the early innings of a long journey to deliver what’s possible.
