<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Nexus Lifecycle Product Tour

Infuse your software supply chain with amazing component intelligence.

Schedule Demo DevSecOps for Containers

Nexus Lifecycle Features




Repository Pro

Technology Included Continuous Component Intelligence Continuous
IQ Server
Repository Manager
Supply Chain Integration Points
· Source
Components from Central Repository, RubyGems.org, Docker Hub, etc
· Store
Java, NuGet, npm, Docker
· Develop
Eclipse, IntelliJ IDEA, Visual Studio
· Build
Jenkins, Bamboo, SonarQube
· Operate
Continuous Production Monitoring
Additional Integrations
· Command Line (CLI)
· Custom (API and Plugin)

Get healthy with Nexus Lifecycle

  • Give your development teams access to the world’s best component intelligence right inside their favorite tools.
  • Make it easy for developers to select the best software components and eliminate mistakes before they happen.
  • Create policy and manage rules for component usage.
  • Automate quality and monitor applications at every stage of your software development lifecycle.

Develop confidently with amazing component intelligence

  • Infuse your software supply chain with unique and deep component research conducted by world class experts.
  • Get always-on component intelligence about security vulnerabilities, restrictive licenses, component age, popularity and other quality characteristics.
  • Consume component intelligence in detailed reports, the IQ Server dashboard, or any of your favorite tools.
  • Perform component research in minutes.
  • Determine root cause of security vulnerabilities and remediate risk faster.

Eliminate mistakes before they happen

  • Know which components are healthy and which ones are not, before the first line of code is written.
  • Get notified automatically when new vulnerabilities become known.
  • Remediate vulnerabilities faster with detailed data.
  • See the big picture with information on components and any associated dependencies.
  • Access component intelligence down to the version.

Build a business case for DevSecOps with an executive dashboard

  • Executive dashboard highlights overall policy health and progress in remediating policy violations
  • Quickly see how many policy violations were identified with Nexus Lifecycle, their criticality, and how quickly they are being resolved
  • View Mean Time to Resolution (MTTR) by month and see how much faster issues are being resolved with Nexus Lifecycle
  • Increase adoption of Nexus Lifecycle within your organization with insight into key indicators of success

Say hello to IQ Server - The brains of the operation

  • Lifecycle is powered by the IQ Server, an application designed around the concepts of component intelligence and quality.

  • The IQ Server is designed to share component intelligence with your teams early, often and throughout the software supply chain so they can make the best possible choices.

  • With the IQ Server’s fully-customizeable policy engine, you decide which components are acceptable, and which are not.

  • The IQ Server integrates with popular development tools including, but not limited to: Maven, Eclipse, IntelliJ, Bamboo, Jenkins, Xebia Labs, and SonarQube.

  • The IQ Server provides a full suite of supported REST APIs that provide access to core features for custom implementations.


A better way to match components

  • Traditional component matching produces false matches, so we invented a better approach. 
  • Advanced binary fingerprinting identifies all open source and proprietary components, as well as their dependencies and matches are broken into three categories: exact, similar or unknown.
  • Just in case you have proprietary components, or want to claim a component as your own, we let you customize that as well.
  • Extensive support for the most popular component formats, such as Maven/Java, npm and NuGet.


Take control of your software supply chain

  • Customized policy means the power to decide which components an organization or individual teams should use.
  • Policy threat customization allows you to organize and rank policies by corresponding violations and associated risk.
  • Flexible controls allow you to decide the exact action to take at each step of the software development lifecycle.
  • Create and use custom policies, or industry-standard policies 'out-of-the-box'.
  • Use policy to identify a range of component criteria, including but not limited to: vulnerability, license, age, popularity, and even exact coordinates.

Integrated with popular development tools

  • A wide range of integrations brings always-on component intelligence to development teams via tools they already use.
  • Filter component issues by applications, policies, and development stages.
  • Policy actions integrate with a variety of development tools including: Eclipse, Visual Studio, IntelliJ IDEA, Jenkins, Hudson, Bamboo, Maven, Docker, SonarQube, Nexus Repository and more.
  • Access the full set of evaluation and component intelligence features at the command line.
  • Use our full range of supported REST APIs to create custom solutions for evaluating components.

Automate your software supply chain

  • Configure policy actions to automatically prevent applications from moving forward with unwanted or unapproved components.
  • Setup automated notifications when unwanted components are being used in your applications.
  • Use policy monitoring to keep a continuous and vigilant watch for new component defects, even in production applications.
  • Automate component approval workflows using component labels, and stopping unapproved components at the source.
  • Apply application categories to automatically assign policy for specific application types.

Introducing Nexus Lifecycle XC - new data service delivered by IQ Server

  • Win-win intelligence engine includes depth and breadth of data for automated policy controls and foundational open source governance.

  • IQ Server will offer broad coverage support for Ruby, PHP, Swift, CocoaPods, Golang, C, and C++.

  • Stock data intelligence service informs basic hygiene for a wide swath of open source ecosystems and formats.

  • Create a software bill of materials to assess the quality of open source components used within your applications.

Schedule Demo

See Lifecycle in Action