Sonatype
RepVue Score
0
Former Employee

Incredibly excited to have joined an emerging and relevant cybersecurity solution. It was right around the year mark when the cracks began to show. Poor leadership - quick to panic and finger-point. Incoherent sales strategy; one message based on "data accuracy" is Sonatype's sole value/differentiator. It was overused and rarely moved the needle with prospects. Lacking a clear sales strategy, incoherent GTM messaging, poor product market fit resulted in poor sales results nearly a year straight after the euphoric growth of the log4j of 2021. GitHub, JFrog, Snyk continue to devour market share at an unbeatable pace. Despite being in the upper right corner of Forrester's SCA evaluation, SCA is merely one aspect of securing your organization's application security landscape. Sonatype overstates its importance of data accuracy in scanning open source software that has blindly doubled down and ignored SAST, DAST, IAST and ASPM. Incredibly niche and by far the most expensive product in the market that stands to serve only one aspect of a dynamically changing space of open source software. A product "built for developers by developers" routinely complain of its usability. Niche. Expensive. Irrelevant in the C-Suite in boardroom.
2.6
Sep 21, 2023
1 Useful