Genome.One and Nexus IQ Server


When we saw a demo of Nexus IQ Server, it shifted our perspective beyond just license checking.  The primary usage became the vulnerability checking and writing policies around the vulnerabilities.
Creditreform uses Nexus Lifecycle and IQ Server


What we saw was that Nexus Lifecycle really worked for us. It was much better than doing everything manually.  We didn’t have to rely on developers to understand and determine an output for remediation.
AMN-AMRO and Nexus Lifcycle


ABN AMRO is implementing quality gates and build breakers to improve code quality and security awareness. Nexus Lifecycle is used to verify that developers are using safe open source libraries as opposed to ‘illegal’ libraries. 
travel audience - Sonatype Nexus on the Google Cloud platform

travel audience

Andre Rocha Ferreira describes how he and the DevOps team at travel audience built a DevOps pipeline solution using Nexus Repository Manager on top of the Google Cloud platform. and Nexus - Automated consistency across the CI/CD pipeline

The use of  Nexus Repository as a centralized storage for multiple binary types has created a consistent, secure environment across multiple teams. 200 software engineers in multiple groups at are now getting the benefits of the Nexus platform.


“Automated security monitoring with Nexus Lifecycle alleviates the time-consuming manual processes that inhibit scaling. We want to be able to have our eyes on the code and have Nexus Lifecycle tell us when there’s something requiring our attention.”
The EDF Group

The EDF Group

"The biggest advantage of using IQ Server is to be able to report to our project team what specific libraries are used within our applications. We have immediate visibility into security issues."
Discovery Health

Discovery Health

"We needed constant monitoring and notifications of open source vulnerabilities in our applications. That’s what Nexus Repository, Nexus Lifecycle and IQ Server delivered."
LIberty Mutual Logo.png

Liberty Mutual

"By layering automation and instrumentation through our pipelines we were able to reduce the average time for new applications from 25 days to 2.5 days, with the record of 8 minutes from desktop to cloud."

Tyro Payments

"Before Nexus Lifecycle, we really had no way to monitor open source policy violations or licensing risks. Nexus Lifecycle quietly enforces policy, automatically identifies issues, and prioritizes what to fix."


"We wanted to give developers the tools to help them with their decision-making when selecting open source components."


"Blackboard has written millions of lines of custom code—and about half of it touches one or more of 100+ open source components. Assuring those components are free of vulnerabilities is incredibly important."


"Sonatype specializes in streamlining component-based development, so the quality is much higher than any other solution we evaluated and far better than manual effort."


"Nexus Repository provides a comprehensive, easy-to-use solution that lets teams and developers track, search, organize and access build components."

Progress Software

"Sonatype provided the tools and support we needed to streamline due diligence, reduce risk, and move forward with confidence."