Why Sonatype Bets Big on Hyderabad as Its Open-Source Securi…
Analytics India Magazine (Shalini Mondal)
Sonatype, the Maryland-based leader in AI-driven open-source cybersecurity, officially opened its global capability centre (GCC) in Hyderabad, India on November 10.
Strategically located in HITEC City, the centre is Sonatype’s largest R&D hub worldwide. This GCC will bring together over 200 engineers, product leaders, data scientists, and AI experts focused on pioneering innovations in AI/ML-powered software security, cloud-native development, and open-source intelligence.
Among other firms that have chosen Hyderabad for their GCCs are McDonald’s, Deutsche Börse Group, DAZN and Costco Wholesale Corp.
According to talent solutions firm Xpheno’s latest report ‘Telangana: The Next-Gen GCC Powerhouse,’ Hyderabad has attracted 40% of all new greenfield GCCs set up in India over the past three years, compared to Bengaluru’s 33%. Over 164 new GCCs have been established across India in the past 30 months, with 64 choosing Hyderabad.
Francis Padamadan, CEO (designate) at Xpheno previously told AIM that Telangana’s leadership depth and talent pool have made it the preferred destination for new-age GCCs. Backed by 47.8 lakh accessible white-collar professionals and a 4:1 inbound jobseeker ratio, Hyderabad’s inclusive workforce—33% women with 19% in leadership, further fuels its momentum.
A Full-Spectrum Innovation Hub
Sonatype CEO Bhagwat Swaroop told AIM that their India GCC location was chosen not only for talent, as it is not just an R&D site for them.
“This is a full budget site where all functions will be represented, from sales, marketing, customer support, professional services, and product and technology.”
Unlike many GCCs that start with support or customer success roles, Sonatype began with core product and technology teams, underlining the strategic importance of Hyderabad for its innovation roadmap.
Swaroop highlighted that Hyderabad’s ecosystem and government policies impressed the company. The city had streamlined the setup process, making it easier for the company to engage with the local community of partners and customers.
Beyond policy support, Hyderabad also offers a deep bench of diverse talent critical to Sonatype’s innovation areas.
“One of the core areas that many companies start out with when they think about GCC is usually support and customer success roles. We started out with moving a set of roles here which were really tied to our core innovation around product and technology. Hyderabad has quite a deep bench of talent around that,” Swaroop said.
Furthermore, India’s thriving open-source community makes Hyderabad a natural choice for Sonatype.
Swaroop mentioned that India occupies a prominent place in the world in terms of open source adoption. There’s no better place to build their capability centre because the talent here embraces open source and is active in the community, not just as users, but as contributors, he added.
With plans to scale to 200 employees next year, the company is focusing on mentorship, collaboration, and a customer-centric culture.
R&D at the Core
With regard to R&D, Sonatype plans to have over 100 engineers in core product and technology development, working on high-impact projects rather than side initiatives.
“The engineers that we have hired here are not working on side projects or test cases; they are working on the core innovation tied to the present and future of the company,” Swaroop said.
With rising threats from malicious open source attacks like Phantom Raven, Sonatype emphasises responsible and secure use of open source as a top priority.
“No longer can somebody just say, ‘I’ll get the latest version and not worry about malicious scanning.’ Malicious open source defense and responsible use of open source is now front and centre,” he noted.
Hyderabad will host Sonatype’s full DevSecOps ecosystem, from repository management with Nexus, software composition analysis via Lifecycle, and malicious code defense through Firewall, to agentic AI solutions with Guide.
“The beauty of our model is that the entire DevSecOps ecosystem will be represented, both in product innovation as well as customer support. We can close the loop much faster, given that a large number of our customer teams are represented here,” Swaroop said.
The post Why Sonatype Bets Big on Hyderabad as Its Open-Source Security Hub appeared first on Analytics India Magazine.
Generated by RSStT. The copyright belongs to the original author.