Decide which components are allowed into your SDLC based on a common risk factors, including age, popularity, and licensing credentials. From there, configure policy actions to automatically prevent applications from moving forward with unwanted or unapproved components.
“[Sonatype] has helped developer productivity. It's like working in the dark and all of a sudden you've got visibility. You can see exactly what you're using and you have suggestions so that, if you can't use something, you've got alternatives. That is huge.”