<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 ">

What We Learned from Studying 36,000 OSS Projects | Press Release


and the Nexus Platform

Instrumentation and process automation software leverages the Nexus Platform

Endress-Hauser and the Nexus Platform



  • Unmonitored open source library downloads
  • Manual selection and tracking process for open source usage
  • Inability to track and monitor deployed components


  • Nexus Lifecycle
  • Bamboo with Maven
  • JIRA
  • HP Fortify
  • SonarQube


  • Automated analysis of open source libraries for security vulnerabilities
  • Continuous monitoring of open source libraries for new security
  • Overview of all used open source libraries and versions
  • Ability to track and monitor deployed components
"We evaluated Black Duck, Veracode and Nexus Lifecycle. My colleagues and I chose Nexus Lifecycle because it is the best solution for what we are trying to do: remove all critical findings before they reach production."

Lars Brößler, Senior Software Developer
Read the full story