Sonatype Nexus 'Component Intelligence'
Overview
‚Component Intelligence‘ is a product suite containing Sonatype's Nexus Firewall, Lifecycle and Auditor. Included features and data enable an intelligent, automated software supply chain management regarding security requirements including threat intelligence for components.
Nexus Firewall, Nexus Lifecycle and Nexus Auditor are powered by the Nexus IQ Server, each performing a different task:
- Firewall stops components fraught with risk
- Lifecycle routes components through the software supply chain
- Auditor maintains the know-how about software components in use
Sonatype offers a free Application Health Check providing a bill of materials inventory of your open source and proprietary components. Scan one of you applications - the results may possibly generate surprises.
| Functions | Description | Firewall | Lifecycle | Auditor |
|
Policy management |
Comprehensively customizable policy management for component identification and repository protection | |||
|
Audit |
Instantly see every component flowing into your organization | |||
|
Quarantine |
Stop, analyze, and selectively admit components |
- |
- |
|
|
Protection |
Keep production apps safe from risky components | |||
|
Control |
Create policy and manage rules for component usage for organisations, teams and applications |
- |
- |
|
|
Integration |
Direct integration with existing development tools: i. e. Eclipse, IntelliJ, Jenkins, Bamboo and SonarQube |
- |
- |
|
|
Automation |
Automation options for handling of unwanted components |
- |
||
|
Customization |
Combine lifecyle intelligence with own applications using REST-APIs |
- |
- |
|
|
Evaluation |
On-demand evaluation via intuitive user interface or command line |
- |
||
|
Reports |
Drill into findings to discover security, license, and quality related issues |
- |
- |
|
|
Compliance |
Rules for not acceptable components and consequence actions | |||
|
Maintenance |
Monitor applications continuously for newly-discovered component issues |
- |
- |
Our opinion
Sonatype's ‚Component-Intelligence‘ product suite provides more than component repository management only. Firewall, Lifecycle and Auditor are dedicated to reliability and security of open source components deployment vastly growing during the last years.
The provision of a huge information basis for free binaries including recommended actions for identified problems is a Sonatype unique selling point. Get always-on component intelligence about restrictive licenses and other quality characteristics. A comprehensive ‚Software Bill of Materials‘ about component age, popularity and release history plus security vulnerabilities essential for a high quality software development.
In enterprise environments, especially in regulated industries, Sonatype's Intelligence products are widespread.
You would like to have an offer or have questions to us? We are looking forward to your mail or call, please use our contact form.
top