List of Sonatype Lifecycle Customers
Fulton, 20759, MD,
United States
Since 2010, our global team of researchers has been studying Sonatype Lifecycle customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Sonatype Lifecycle for Application Security (AppSec) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Sonatype Lifecycle for Application Security (AppSec) include: ABN AMRO Netherlands, a Netherlands based Banking and Financial Services organisation with 18295 employees and revenues of $7.00 billion, Trilliant Holdings (Ontario), a Canada based Manufacturing organisation with 500 employees and revenues of $52.0 million, Progress, a United States based Professional Services organisation with 10 employees and revenues of $1.0 million and many others.
Contact us if you need a completed and verified list of companies using Sonatype Lifecycle, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Sonatype Lifecycle customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
ABN AMRO Netherlands | Banking and Financial Services | 18295 | $7.0B | Netherlands | Sonatype | Sonatype Lifecycle | Application Security (AppSec) | 2019 | n/a |
In 2019, ABN AMRO Netherlands integrated Sonatype Lifecycle into its CI/CD pipelines as part of a bank wide DevOps and CI/CD initiative, adopting Application Security (AppSec) controls to automate open source monitoring and enforce build breakers. Sonatype Lifecycle was positioned as the central application security control for dependency and component governance within build and release workflows.
The implementation emphasized automated open source monitoring and build time enforcement, with Sonatype Lifecycle configured to identify vulnerable components, apply policy rules, and trigger build breakers when violations were detected. Functional capabilities implemented included automated component scanning during builds, policy enforcement at gate points, and developer-facing reporting to accelerate remediation and maintain secure continuous delivery practices.
Integration scope covered CI/CD pipelines that support software development in the Netherlands and many Agile teams, aligning with bank wide DevOps workflows and continuous delivery practices. Operational coverage focused on software development and DevOps engineering functions rather than peripheral IT functions.
Governance changes included formalizing build breaker enforcement as a policy mechanism and embedding open source governance into team level CI/CD processes. The rollout helped increase delivery velocity by 2 to 2.5 times, reduced time to deployment, and improved software quality and security across many Agile teams, according to the implementation account.
|
 |
Progress | Professional Services | 10 | $1M | United States | Sonatype | Sonatype Lifecycle | Application Security (AppSec) | 2017 | n/a |
In 2017, Progress used Sonatype Lifecycle for rapid application composition analysis during M&A due diligence in the United States. Progress used Sonatype Lifecycle, an Application Security (AppSec) solution, to validate that Corticon contained no GPL or other problematic open-source licenses as part of M&A / software licensing compliance, establishing a clear Company Sonatype Lifecycle Application Security (AppSec) M&A / software licensing compliance relationship.
The implementation focused on software composition analysis and automated license policy checks, leveraging Sonatype Lifecycle to generate a bill of materials and surface license attributions in minutes rather than through manual review. Sonatype Lifecycle's scanning and license evaluation capabilities were applied directly to the Corticon codebase to detect GPL and other restricted licenses and to document licensing status for diligence artifacts.
Operational coverage centered on the M&A due diligence workflow, with corporate development and legal licensing teams in the United States using outputs from Sonatype Lifecycle to centralize IP and licensing validation for the acquisition. The deployment provided a single source of truth for open-source license status and supported fast responses to technical diligence requests.
Governance shifted from a manual verification process to an automated, policy-driven license review, enabling faster decision cycles for the acquisition while reducing IP and licensing risk. The engagement explicitly sped license verification from a manual process to minutes and provided the acquiring team with confidence to proceed with the acquisition.
|
 |
Trilliant Holdings (Ontario) | Manufacturing | 500 | $52M | Canada | Sonatype | Sonatype Lifecycle | Application Security (AppSec) | 2020 | Opticca Security |
In 2020 Trilliant Holdings (Ontario) implemented Sonatype Lifecycle, deploying Sonatype Lifecycle as an Application Security (AppSec) capability to integrate OSS component intelligence into its SDLC and developer IDEs for the smart-grid platform in the United States. The initiative was explicitly positioned to shift left on application security within software development and DevSecOps workflows.
The implementation focused on embedding OSS component intelligence into developer workflows and build pipelines, enabling automated identification of vulnerable or noncompliant open source components during development. Sonatype Lifecycle was configured to surface policy-relevant component data directly in developer IDEs and to gate OSS usage earlier in the SDLC, aligning security and development teams around actionable component risk signals.
Opticca Security recommended and demonstrated Sonatype Lifecycle during procurement, supporting the selection and validation phases of the project. Integrations were centered on developer IDE integration points and SDLC toolchain touchpoints to ensure component intelligence traveled with code from local development through build and test stages for Trilliant’s smart-grid software.
Governance changes emphasized shift-left controls and developer-centric remediation workflows, reducing rework by catching OSS issues earlier and streamlining fixes inside the developer environment. The implementation delivered earlier detection and faster remediation of OSS risks while reducing developer rework and improving software quality for Trilliant’s smart-grid platform.
|
Buyer Intent: Companies Evaluating Sonatype Lifecycle
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||