Cybersecurity firm Sonatype acquired by Vista Equity

Zack Whittaker

Private equity firm Vista Equity Partners has acquired Sonatype, a cybersecurity-focused open-source automation company.

Terms of the deal were not disclosed, but Sonatype said the acquisition will help to build out its Nexus platform, an enterprise-ready repository manager and library with access to analysis on 65 million open-source components. The platform helps enterprises to keep track of open-source code to ensure software in the DevOps pipeline remains up-to-date with the latest bug and security fixes.

It's that kind of technology that Sonatype says can help prevent another Equifax-style attack, which saw close to 150 million records stolen because an open-source Apache server was not kept up to date.

The company said that several existing investors will retain a stake in the company.

Sonatype, based in Fulton, Md., hasn't disclosed its financials, but claims to have seen annual revenue grow up to 250% in the past three years. Its last fundraise was for $80 million in September 2018. The company also said it has more than 1,000 customers, including more than 60% of the Fortune 100 on its books, to monitor their code environments, including tech giants and several financial giants.

Vista, which invests almost exclusively in enterprise tech companies, has more than $52 billion in cumulative capital investments, it said.

Most of the Fortune 100 still use flawed software that led to the Equifax breach