Policy-Oriented Reporting with Sonatype Lifecycle

By Sonal Thawani

Policy evaluation. Policy enforcement. Open Source Governance. DevSecOps.

If you missed it, we're committed to helping our users keep their applications safe from open source vulnerabilities and license issues. More importantly, we're proud to enable them to do so at scale. The "at scale" piece is possible because of 1) our stellar data on software components and 2) our ability to enforce open source policies.

We recently started down a path to make it even easier for Sonatype Lifecycle users to enforce their open source policies at scale. After a few weeks of beta testing, we're happy to share that our new policy-oriented reports are officially live! This refreshed version of our Application Composition Report puts policy violations at the center of the report, allowing users to quickly identify and act on remediation opportunities. Focusing on policy remediation helps teams concentrate on reducing risk and ensures users get the most out of their Sonatype Lifecycle implementation.

Take a peek:

[Image: Policy-Oriented Reporting for Nexus Lifecycle]

If you previously used the Application Composition Report to audit or keep a pulse on all security violations, don't worry! We've retained the ability to access and filter raw component data from the UI. See how below.

[Image: Raw data report for Nexus Lifecycle]

To learn more about our new policy-oriented reports, watch this demo:

 

We're excited about our reporting and look forward to your feedback. Tell us what you think in the comments below, or connect with us at my.sonatype.com!

Written by Sonal Thawani

Sonal is an experienced product manager and product marketing manager. As a Senior Product Marketing Manager at Sonatype, she's focused on spreading her awe for Nexus IQ Server.
