PATH:/products/firewall
QUERY:
DOMAIN:www.sonatype.com
Sonatype’s Artificial Intelligence evaluates open source software (OSS) components based on different behaviors and determines if something is a potential threat or not. Those that are “known bad” (critically malicious/harmful OSS release) are automatically blocked from download. Your developers won’t even have the chance to choose components with known vulnerabilities.
Those identified as potential threats, specific to npm packages, are also quarantined until they’re confirmed or cleared of vulnerabilities by Sonatype’s security research team. If cleared, it is automatically released based on your policy.
Sonatype’s Artificial Intelligence evaluates open source software (OSS) components based on different behaviors and determines if something is a potential threat or not. Those that are “known bad” (critically malicious/harmful OSS release) are automatically blocked from download. Your developers won’t even have the chance to choose components with known vulnerabilities.
Those identified as potential threats, specific to npm packages, are also quarantined until they’re confirmed or cleared of vulnerabilities by Sonatype’s security research team. If cleared, it is automatically released based on your policy.
Use Sonatype’s out-of-the-box policy options or customize your own. Your policy settings dictate what OSS components are allowed into your SDLC, what is put into quarantine, and what is released from quarantine. Customize your rules based on common risk factors like popularity, and licensing credentials, and address known and unknown vulnerabilities via Sonatype’s Integrity Rating. From there, configure policy actions to automatically prevent applications from moving forward with unwanted or unapproved components.
Use Sonatype’s out-of-the-box policy options or customize your own. Your policy settings dictate what OSS components are allowed into your SDLC, what is put into quarantine, and what is released from quarantine. Customize your rules based on common risk factors like popularity, and licensing credentials, and address known and unknown vulnerabilities via Sonatype’s Integrity Rating. From there, configure policy actions to automatically prevent applications from moving forward with unwanted or unapproved components.
Empower teams with precise component intelligence to enforce policies and continuously remediate risk.
Idenfify and remediate OSS risk in containers for build and run-time protection.
Manage libraries and store artificats in a universal repository and share them across development teams.
Generate a software bill of materials to identify open source components used within third-party or legacy apps.
See Firewall in Action
