<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 ">

Sonatype Expands its Executive Team Following an Outstanding 2018  Press Release

Nexus Auditor knows your software
  • Access the world’s best component intelligence in seconds for Java, JavaScript, and .net.
  • Create policy to identify unwanted components and manage rules for component usage.
  • Evaluate applications and analyze materials to know exactly what’s inside each application submitted for evaluation.
  • Maintain application health with a variety of ways to review potential component risk, license, and quality issues.
Healthy applications start with intelligence
  • Always-on component intelligence covers security vulnerabilities, restrictive licenses, component age, popularity and other quality characteristics.
  • From detailed reports and views to the Nexus IQ dashboard, you’ll have a variety of ways to digest our in-depth component intelligence.
  • Because we provide root cause analysis for security vulnerabilities, this means you won’t follow false paths or miss a dependency that could have been hidden.
  • Analysis continues after components enter production, including the ability to set notifications when new component intelligence is available.
Determine the composition of every application
  • All application evaluations produce a detailed bill of materials that can be saved and distributed to teams and customers alike.
  • You’ll have access, down to the version, to policy violations, as well as any associated risk related to security, licenses, and vulnerability issues.
  • If remediation is required, your teams will see the exact location of troublesome components.
  • Not just components found directly inside your applications or third party apps (COTS), but the dependencies as well.
  • Whether you evaluate applications via the UI or command line tools, both provide the ability to easily and quickly submit an application for evaluation.
Easily pinpoint vulnerable components
  • Every evaluation produces the Application Composition Report which includes the ability to drill down to the version of security, license, and quality issues.
  • As evaluations occur, your centralized dashboard will also be populated with evaluation results.
  • Setup automated notifications when unwanted components are identified in evaluated applications.
  • Because not all issues represent risk, every report has the ability to set workflow statuses, and if necessary, waive policy violations.