<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Nexus Lifecycle Features

Nexus
Lifecycle

Nexus
Firewall

Nexus
Auditor

Nexus
Repository Pro

Technology Included Continuous Component Intelligence Continuous
Component
Management
IQ Server
Repository Manager
Supply Chain Integration Points
· Source
Components from Central Repository, PyPi, etc
· Store
Java, NuGet, npm, Docker
· Develop
Eclipse, IntelliJ IDEA, Visual Studio
· Build
Jenkins, Bamboo, SonarQube
· Operate
Continuous Production Monitoring
Additional Integrations
· Command Line (CLI)
· Custom (API and Plugin)
Get healthy with Nexus Lifecycle
  • Give your development teams access to the world’s best component intelligence right inside their favorite tools.
  • Make it easy for developers to select the best software components and eliminate mistakes before they happen.
  • Create policy and manage rules for component usage.
  • Automate quality and monitor applications at every stage of your software development lifecycle.
Develop confidently with amazing component intelligence
  • Infuse your software supply chain with unique and deep component research conducted by world class experts.
  • Get always-on component intelligence about security vulnerabilities, restrictive licenses, component age, popularity and other quality characteristics.
  • Consume component intelligence in detailed reports, the IQ Server dashboard, or any of your favorite tools.
  • Perform component research in minutes.
  • Determine root cause of security vulnerabilities and remediate risk faster.
Eliminate mistakes before they happen
  • Know which components are healthy and which ones are not, before the first line of code is written.
  • Get notified automatically when new vulnerabilities become known.
  • Remediate vulnerabilities faster with detailed data.
  • See the big picture with information on components and any associated dependencies.
  • Access component intelligence down to the version.
Build a business case for DevSecOps with an executive dashboard
  • Executive dashboard highlights overall policy health and progress in remediating policy violations
  • Quickly see how many policy violations were identified with Nexus Lifecycle, their criticality, and how quickly they are being resolved
  • View Mean Time to Resolution (MTTR) by month and see how much faster issues are being resolved with Nexus Lifecycle
  • Increase adoption of Nexus Lifecycle within your organization with insight into key indicators of success

The Brain Behind Nexus Lifecycle

  • IQ Server shares component intelligence with your teams early, often and throughout the software supply chain so they make better decisions and build better software.

  • IQ Server integrates with popular development tools including, but not limited to: Maven, Eclipse, IntelliJ, Visual Studio, GitHub, Bamboo, Jenkins, Xebia Labs, and SonarQube.

  • IQ Server offers a fully-customizeable policy engine, so you can define which components are acceptable, and which are not.

  • IQ Server provides a full suite of supported REST APIs that provide access to core features for custom implementations

Learn More

A better way to match components
  • Traditional component matching produces false matches, so we invented a better approach. 
  • Advanced binary fingerprinting identifies all open source and proprietary components, as well as their dependencies and matches are broken into three categories: exact, similar or unknown.
  • Just in case you have proprietary components, or want to claim a component as your own, we let you customize that as well.
  • Extensive support for the most popular component formats, such as Maven/Java, npm and NuGet.
 
Take control of your software supply chain
  • Customized policy means the power to decide which components an organization or individual teams should use.
  • Policy threat customization allows you to organize and rank policies by corresponding violations and associated risk.
  • Flexible controls allow you to decide the exact action to take at each step of the software development lifecycle.
  • Create and use custom policies, or industry-standard policies 'out-of-the-box'.
  • Use policy to identify a range of component criteria, including but not limited to: vulnerability, license, age, popularity, and even exact coordinates.
Integrated with popular development tools
  • A wide range of integrations brings always-on component intelligence to development teams via tools they already use.
  • Filter component issues by applications, policies, and development stages.
  • Policy actions integrate with a variety of development tools including: Eclipse, Visual Studio, IntelliJ IDEA, Jenkins, Hudson, Bamboo, Maven, Docker, SonarQube, Nexus Repository and more.
  • Access the full set of evaluation and component intelligence features at the command line.
  • Use our full range of supported REST APIs to create custom solutions for evaluating components.
Automate your software supply chain
  • Configure policy actions to automatically prevent applications from moving forward with unwanted or unapproved components.
  • Setup automated notifications when unwanted components are being used in your applications.
  • Use policy monitoring to keep a continuous and vigilant watch for new component defects, even in production applications.
  • Automate component approval workflows using component labels, and stopping unapproved components at the source.
  • Apply application categories to automatically assign policy for specific application types.

Nexus Lifecycle XC - new data service delivered by IQ Server

  • Win-win intelligence engine includes depth and breadth of data for automated policy controls and foundational open source governance.

  • Stock data intelligence service informs basic hygiene for a wide swath of open source ecosystems and formats.

  • XC offers broad coverage support for Ruby, PHP, Swift, CocoaPods, Golang, C, and C++.

  • Create a software bill of materials to assess the quality of open source components used within your applications.

Learn More