Sonatype Nexus 'Component Intelligence'


'Component Intelligence' is a product suite comprising Sonatype's Nexus Firewall, Lifecycle and Auditor. Its features and data enable intelligent, automated software supply chain management that meets security requirements and includes threat intelligence for components.

Nexus Firewall, Nexus Lifecycle and Nexus Auditor are powered by the Nexus IQ Server, each performing a different task:

  • Firewall stops components fraught with risk
  • Lifecycle routes components through the software supply chain
  • Auditor maintains the know-how about software components in use

Sonatype offers a free Application Health Check that provides a bill of materials inventory of your open source and proprietary components. Scan one of your applications; the results may surprise you.

Functions Description Firewall Lifecycle Auditor

Policy management

Comprehensively customizable policy management for component identification and repository protection      


Instantly see every component flowing into your organization      


Stop, analyze, and selectively admit components  




Keep production apps safe from risky components      


Create policy and manage rules for component usage for organisations, teams and applications





Direct integration with existing development tools, e.g. Eclipse, IntelliJ, Jenkins, Bamboo and SonarQube





Automation options for handling of unwanted components    



Combine lifecycle intelligence with your own applications using REST APIs





On-demand evaluation via intuitive user interface or command line




Drill into findings to discover security, license, and quality related issues





Rules for unacceptable components and the resulting actions


Monitor applications continuously for newly-discovered component issues




Our opinion

Sonatype's 'Component Intelligence' product suite provides more than component repository management. Firewall, Lifecycle and Auditor are dedicated to the reliability and security of open source component usage, which has grown vastly in recent years.

Sonatype's unique selling point is its huge information base on freely available binaries, including recommended actions for identified problems. Get always-on component intelligence about restrictive licenses and other quality characteristics. A comprehensive 'Software Bill of Materials' covering component age, popularity and release history plus security vulnerabilities is essential for high-quality software development.

In enterprise environments, especially in regulated industries, Sonatype's Intelligence products are widely used.

Would you like a quote, or do you have questions for us? We look forward to your e-mail or call; please use our contact form.


