Secure Your Code for Free

A free, developer-friendly suite of tools to find and fix
both open source and source code vulnerabilities.



Sonatype Lift

Lift searches a broad range of performance, security, and reliability errors and delivers results as code review comments so you can fix bugs in minutes.


Artifact Repository

Nexus Repository OSS

Our free artifact repository is your single source of truth for all of your components, binaries, and build artifacts with universal format support.


Open Source Component Catalog

Sonatype OSS Index

OSS Index is a free catalog of open source components and scanning tools to help you identify vulnerabilities, understand risk, and keep your software safe.


Open Source Scanner

Nexus Vulnerability Scanner

Nexus Vulnerability Scanner provides a free software bill of materials and identifies if your application has any open source security vulnerabilities.

Free Developer Tools for Nexus Lifecycle and OSS Index