Easy cloud security and compliance. The combined capabilities of Sonatype and Fugue will enable developers to easily find and fix security vulnerabilities in third-party libraries when actively developing cloud applications, while simultaneously preventing security and compliance issues due to misconfigured cloud infrastructure.
Developer feedback in everyday tools. Developers will receive notifications with actionable insights into policy violations for both OSS and cloud infrastructure in the tools they use every day, like GitHub and JIRA.
Consolidated view of risk. With open source and cloud security information all in one place, development and operations teams will be able to accelerate innovation and simultaneously improve application security, cloud infrastructure security, and continuous compliance.
One common policy. Sonatype and Fugue users will rely on the same set of rules in development and in production, ensuring continuity of security and compliance policies. One policy ensures Dev and Ops teams stay in lockstep.
In-depth compliance. Sonatype Nexus Platform customers will soon have access to relevant infrastructure compliance control mappings including CIS Foundations Benchmarks, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, SOC 2, and more.
Automatically stop defective open source components from entering your SDLC.
Manage libraries and store artifacts in a universal repository and share them across development teams.
Empower teams with precise component intelligence to enforce policies and continuously remediate risk.
Generate a software bill of materials to identify open source components used within third-party or legacy applications.