Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

Nexus Firewall

Your first line of defense against modern software supply chain attacks.

Stop known and unknown open source risk from being downloaded into your repositories.

Combating modern software supply chain attacks is significantly harder than it used to be. Adversaries no longer wait to exploit a publicly disclosed vulnerability; they publish malicious and suspicious packages directly to public registries, so the attack is delivered the moment a developer downloads the component. Defending against that requires a control that acts before the download completes. Nexus Firewall is that control: an early warning system that prevents malicious and suspicious open source components from entering your SDLC.

Auto Detection

Automatically detect and block malicious components before they are downloaded.

Sonatype's AI evaluates open source software (OSS) components on a range of behavioral signals and decides whether a release is a potential threat. Releases that are "known bad" (confirmed malicious or harmful) are blocked from download outright, so your developers never get the chance to pull a known-malicious component into a build.

Releases that are flagged as potential threats but not yet confirmed (currently for npm packages) are quarantined until Sonatype's security research team either confirms them as malicious or clears them. A cleared release is then automatically released from quarantine according to your policy, so a false positive costs your team a delay rather than a permanent block.


Policy Rules

Create policy-based rules that we'll enforce.

Use Sonatype's out-of-the-box policies or write your own. Your policy settings dictate which OSS components are allowed into your SDLC, which are placed in quarantine, and which are released from quarantine. Rules can be built on common risk factors such as popularity and license, and on Sonatype's Integrity Rating, which covers both known vulnerabilities and unknown (suspicious, not-yet-confirmed) risk. Policy actions then automatically stop an application from moving forward when it contains unwanted or unapproved components, rather than leaving the decision to whoever happens to review the build.
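The detection-and-quarantine flow described under Auto Detection and the policy rules described above can be made concrete with a small evaluator. The following is an example added here; it is not Sonatype's code and does not reproduce the Nexus Firewall policy format. The field names, thresholds, rule ordering and the sample components are all constructed for illustration. The point it shows that the prose does not is precedence: a known-malicious release is blocked before any softer signal is consulted, a suspicious-but-unreviewed npm release is held rather than silently allowed, and a reviewer clearing the flag is what releases it from quarantine under the same policy.

```python
"""Illustrative policy evaluator for a repository firewall.

Example added to this page; not Sonatype's code and not the Nexus Firewall
policy format. Field names, thresholds and sample components are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass, replace
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"            # proxied to the developer
    QUARANTINE = "quarantine"  # held until reviewed or the policy changes
    BLOCK = "block"            # never served


@dataclass(frozen=True)
class Component:
    ecosystem: str                    # "npm", "maven", "pypi", ...
    name: str
    version: str
    licenses: tuple[str, ...]
    weekly_downloads: int             # popularity signal
    known_malicious: bool             # confirmed by a research team
    suspicious: bool                  # flagged by heuristics, not yet reviewed
    advisories: tuple[str, ...] = ()  # published vulnerability identifiers
    reviewed_clean: bool = False      # a reviewer cleared the suspicious flag


@dataclass(frozen=True)
class Policy:
    denied_licenses: frozenset[str] = frozenset({"AGPL-3.0", "SSPL-1.0"})
    min_weekly_downloads: int = 1_000
    quarantine_ecosystems: frozenset[str] = frozenset({"npm"})
    block_known_vulnerabilities: bool = True


def evaluate(c: Component, p: Policy) -> tuple[Verdict, str]:
    """Return (verdict, reason). Rule order is the point: hard blocks are
    decided before soft signals, and "suspicious" never outranks "known bad"."""
    # 1. Confirmed malicious releases are blocked regardless of anything else.
    if c.known_malicious:
        return Verdict.BLOCK, "known malicious release"
    # 2. Published vulnerabilities are blocked when the policy says so.
    if p.block_known_vulnerabilities and c.advisories:
        return Verdict.BLOCK, "known vulnerabilities: " + ", ".join(c.advisories)
    # 3. A denied license is a hard policy failure, not a judgement call.
    denied = [lic for lic in c.licenses if lic in p.denied_licenses]
    if denied:
        return Verdict.BLOCK, "denied license: " + ", ".join(denied)
    # 4. Suspicious but unconfirmed releases are held, not silently allowed,
    #    in the ecosystems where unknown-risk detection is enabled.
    if c.suspicious and not c.reviewed_clean and c.ecosystem in p.quarantine_ecosystems:
        return Verdict.QUARANTINE, "pending security review"
    # 5. Low popularity is a soft signal: hold it for a human look, don't block.
    if c.weekly_downloads < p.min_weekly_downloads:
        return Verdict.QUARANTINE, f"low popularity ({c.weekly_downloads} weekly downloads)"
    return Verdict.ALLOW, "policy satisfied"


def clear_review(c: Component) -> Component:
    """A reviewer cleared the release; re-evaluating the result models
    automatic release from quarantine under the unchanged policy."""
    return replace(c, reviewed_clean=True)


def evaluate_all(components: list[Component], p: Policy) -> dict[str, Verdict]:
    return {f"{c.ecosystem}:{c.name}@{c.version}": evaluate(c, p)[0] for c in components}


# Constructed sample components (package names and advisory ids are made up).
SAMPLE_COMPONENTS = [
    Component("npm", "lodash-utilz", "1.0.2", ("MIT",), 12, False, True),
    Component("npm", "build-helper-x", "4.2.0", ("MIT",), 300, True, True),
    Component("maven", "org.example:json-lib", "2.3.1", ("Apache-2.0",), 50_000,
              False, False, advisories=("EXAMPLE-ADVISORY-1",)),
    Component("pypi", "fastconf", "0.9.0", ("SSPL-1.0",), 200_000, False, False),
    Component("npm", "colorful-log", "3.1.0", ("MIT",), 5_000, False, True),
    Component("maven", "org.example:tiny-lib", "0.1.0", ("MIT",), 40, False, False),
]

if __name__ == "__main__":
    policy = Policy()
    for comp in SAMPLE_COMPONENTS:
        verdict, reason = evaluate(comp, policy)
        print(f"{verdict.value:10} {comp.ecosystem}:{comp.name}@{comp.version}  ({reason})")
    cleared = clear_review(SAMPLE_COMPONENTS[4])
    print("after review:", evaluate(cleared, policy)[0].value)
```

Two design choices are worth copying into a real policy: popularity is deliberately a quarantine signal and never a block, because a brand-new internal or niche package is not evidence of compromise, and disabling known-vulnerability blocking (`block_known_vulnerabilities=False`) changes only rule 2, so a malicious or license-violating release is still stopped.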


Language Coverage

Nexus Firewall proactively prevents known OSS risk (published vulnerabilities and confirmed-malicious releases) for Java, Ruby, .NET, Python, Go, RPM and more, and additionally catches unknown risk (suspicious, not-yet-confirmed releases) for JavaScript/npm.

Perimeter Control for All Software Supply Chains

Using Artifactory? No problem. Nexus Firewall supports JFrog Artifactory.

Better together: protect your Nexus Repository (Pro) with Firewall.


“[Sonatype] has helped developer productivity. It’s like working in the dark and all of a sudden you’ve got visibility. You can see exactly what you’re using and you have suggestions so that if you can’t use something, you’ve got alternatives. That is huge.”

— C. Chani (Financial Services), IT Central Station Review


