Endress+Hauser

and the Nexus Platform

Instrumentation and process automation software leverages the Nexus Platform

Endress-Hauser and the Nexus Platform

Endress+Hauser

Challenge

  • Unmonitored open source library downloads
  • Manual selection and tracking process for open source usage
  • Inability to track and monitor deployed components

Solution

  • Nexus Lifecycle
  • Bamboo with Maven
  • JIRA
  • HP Fortify
  • SonarQube

Outcome

  • Automated analysis of open source libraries for security vulnerabilities
  • Continuous monitoring of open source libraries for new security
    vulnerabilities
  • Overview of all used open source libraries and versions
  • Ability to track and monitor deployed components
"We evaluated Black Duck, Veracode and Nexus Lifecycle. My colleagues and I chose Nexus Lifecycle because it is the best solution for what we are trying to do: remove all critical findings before they reach production."

Lars Brößler, Senior Software Developer
Read the full story