Sonatype
About Sonatype
Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered
componentized software development and has a rich history of supporting open source innovation.
Today, more than 120,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures, Bay Partners and Goldman Sachs.
Learn more at www.sonatype.com.
Products
 |
Nexus Auditor | Let you know exactly what components are in your software applications |
 |
Nexus Firewall | Stop risk from entering into your software supply chain |
 |
Nexus IQ Server | It is the Policy Engine that powers Nexus Firewall, Lifecycle and Auditor with the component intelligence |
 |
Nexus Lifecycle | Continuously identify risk, enforce policy and remediate vulnerabilities across every phase of your SDLC |
 |
Nexus Repository | Manages binaries and build artifacts across your software supply chain |
Useful DevSecOps Resources
- How to integrate Nexus Lifecycle with Atlassian Tools
- DevSecOps Community Survey 2019
- DevSecOps Reference Architectures
- How the Nexus Platform Works (Demo)
- Automate Open Source Governance Across the SDLC at Scale
- Your Guide to AppSec Tools: SAST or SCA?
FAQs
Here are some of the additional features available in Nexus Repository Pro:
1) Professional Support provides you with a peace of mind
2) High Availability eliminates unplanned downtime
3) Custom Metadata Tagging allows components to be tagged so that they can be filtered easy for additional operations
4) Dynamic Storage allows easy expansion of storage
5) Staging & Build Promotion allows easy housekeeping of unwanted artifacts
6) Detailed Repository Health Check provides you a summary of popularity/license type/known security vulnerabilities
7) Auth Token Support which strengths security by doing away with plain text username and password
8) LDAP/SAML Support enables user to single sign-on instead of using passwords
For more, you can refer to https://sonatype.drift.click/oss-vs-pro