Sonatype Introduces Next Generation Dependency Management | Press Release

Continuously secure your entire software supply chain.

Empower developers to select safer components.

With a Chrome browser extension, developers know if an open source component is vulnerable when selecting from public repositories.

Remediate known issues within the IDE.

With integration to the most popular IDEs, developers can select the best components based on real-time intelligence and move to an approved version with one click. Nexus Lifecycle integrates with Eclipse, IntelliJ, and Visual Studio.

Manage dependencies in source control with automated pull requests.

Nexus Lifecycle integrates with GitHub, GitLab, and Atlassian Bitbucket to automatically generate pull requests for components that violate open source policies.

Developers can easily see what versions they should use in order to fix violations — no more guessing what version to upgrade to. Development teams can trust that the PR is accurate because only Nexus Lifecycle has the precision and accuracy from Nexus Intelligence to eliminate the noise found in other automated dependency management solutions.

Want a lighter version? Try Nexus Lifecycle Foundation.

Speed up development with instant feedback in SCM.

Find and fix violations before breaking builds and eliminate manual rework. Pull request commenting in source control provides developers all the information they need to remediate open source risk early in development. Nexus Lifecycle will compare the diff on any active branch in GitHub, GitLab or Atlassian Bitbucket, and, if a pull/merge request would introduce bad components or vulnerabilities, it highlights the exact line(s) of code that brought them in along with detailed recommendations on how to fix the issues.

Enforce open source policies across the SDLC.

Create custom security, license, and architectural policies based on application type or organization and contextually enforce those policies across every stage of the SDLC. Automatic policy enforcement can only happen with the precision and accuracy of Nexus Intelligence, eliminating false positives / negatives found in other solutions.

We work where you work.

Automatically enforce policies and view expert remediation guidance in the tools you use every day. Nexus Lifecycle works with Nexus Repository, Artifactory, GitHub, GitLab, IDEs, Jira, Jenkins, Azure DevOps, Micro Focus Fortify, Xebia Labs, OpenShift, Mesosphere OS, AWS, Docker, and many more.

Monitor Container Health with Nexus Lifecycle.

Automatically generate a Software Bill of Materials.

Verify policy compliance by knowing what components are used and where. In just minutes, generate a precise Software Bill of Materials (SBOM) for each app to identify every open source component along with its dependencies.

View trends related to Mean Time to Resolution (MTTR).

Demonstrate risk reduction to senior management with a report that shows violation trends over time and how quickly they are being remediated.

  • "One of the ways that it has helped us is that it has given us visibility into security issues. It scans and gives you a low false-positive count."

    Edwin K.

  • "It's a very user-friendly product and it is very easy to integrate with any other products. It's more reliable and more securable."

    Manoj K.
