Increase Edge Security with the Sonatype Zscaler Integration
The Zscaler Internet Access (ZIA) integration combines Zscaler's perimeter expertise with Sonatype's open source malware intelligence to block malicious packages at the network perimeter — before they ever reach a developer's machine.
Extend protection beyond repository tools
Block malicious packages in environments that don't use Nexus Repository for extended edge protection.
Stop open source malware
Protect your pipeline by catching threats at the network edge before they enter development.
Enhance existing edge protection
Close the gap and protect against software supply chain risks and internet-based threats.

Block Open Source Malware at the Edge
As open source malware threats continue to grow, organizations need security solutions that extend beyond the developer toolchain. Zscaler Internet Access protects users and devices from phishing, malicious websites, and other web-based threats. But when it comes to open source packages, malware can lurk inside dependencies downloaded from trusted domains like npmjs.org or pypi.org. These threats slip past traditional Secure Web Gateways, especially when developers use CLI tools that bypass browser-based security policies.
Zscaler ZIA sees and filters domain-level traffic—but it doesn’t inspect open source packages or understand how malware behaves in a development context. Sonatype fills that gap. The Sonatype + Zscaler integration inspects requests to public OSS registries, evaluates packages using Sonatype’s malware intelligence engine, and blocks or quarantines anything suspicious. This happens at the edge—before malicious code enters a development machine or CI pipeline.
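The distinction drawn above, a domain-level filter that only sees a trusted host versus package-level inspection of the same download request, as an added Python example. This is illustrative code written for this page, not Sonatype's Repository Firewall plugin or any Zscaler ZIA component; the registry hostnames are the real npm and PyPI download hosts, while the intelligence feed, the package names and their verdicts are constructed for the demonstration.

```python
"""Illustrative edge policy check: domain-level allow/deny beside package-level
inspection of the same registry download request.

Added example, not Sonatype's plugin or Zscaler ZIA code. The registry hostnames
are the real npm and PyPI download hosts; the intelligence feed, package names
and verdicts below are constructed for the demonstration.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Hosts a domain-level Secure Web Gateway would treat as trusted.
TRUSTED_REGISTRY_HOSTS = {"registry.npmjs.org", "files.pythonhosted.org"}

# Constructed stand-in for a malware-intelligence lookup, keyed by
# (ecosystem, normalized name, version). Real verdicts come from a service.
INTEL_FEED = {
    ("npm", "example-evil-pkg", "1.0.3"): "malicious",
    ("pypi", "totally-fine-lib", "2.1.0"): "suspicious",
}

VERDICT_FOR_STATUS = {"malicious": "block", "suspicious": "quarantine"}

# npm tarball path: /<name>/-/<basename>-<version>.tgz, with optional @scope/
NPM_TARBALL = re.compile(
    r"^/(?P<name>(?:@[^/]+/)?[^/]+)/-/[^/]+-(?P<version>\d+\.\d+\.\d+[^/]*)\.tgz$"
)
# PyPI file path: /packages/<hash dirs>/<name>-<version>(-<tags>.whl | .tar.gz)
PYPI_FILE = re.compile(
    r"^/packages/.+/(?P<name>[A-Za-z0-9_.\-]+?)-(?P<version>\d+[^-]*)(?:-|\.tar\.gz$)"
)


@dataclass(frozen=True)
class PackageRequest:
    ecosystem: str
    name: str
    version: str


def normalize_pypi_name(name: str) -> str:
    """PEP 503 normalization: case-fold and collapse runs of -, _ and . to a single -."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_request(url: str):
    """Map a registry download URL to a PackageRequest, or None if it is not a package artifact."""
    u = urlparse(url)
    host = u.hostname or ""
    if host == "registry.npmjs.org":
        m = NPM_TARBALL.match(u.path)
        if m:
            return PackageRequest("npm", m.group("name"), m.group("version"))
    elif host == "files.pythonhosted.org":
        m = PYPI_FILE.match(u.path)
        if m:
            return PackageRequest("pypi", normalize_pypi_name(m.group("name")), m.group("version"))
    return None


def domain_only_verdict(url: str) -> str:
    """What a domain-level filter decides: it only sees the host, never the package."""
    return "allow" if (urlparse(url).hostname or "") in TRUSTED_REGISTRY_HOSTS else "block"


def package_level_verdict(url: str) -> str:
    """Package-level decision: identify the artifact and consult the intelligence feed."""
    req = parse_request(url)
    if req is None:
        return domain_only_verdict(url)  # not a package artifact; fall back to domain policy
    status = INTEL_FEED.get((req.ecosystem, req.name, req.version), "clean")
    return VERDICT_FOR_STATUS.get(status, "allow")


def evaluate(urls):
    """Return (url, domain_verdict, package_verdict) per request; shows what domain filtering misses."""
    return [(u, domain_only_verdict(u), package_level_verdict(u)) for u in urls]


if __name__ == "__main__":
    # Constructed sample of egress requests as a forward proxy would see them.
    sample = [
        "https://registry.npmjs.org/example-evil-pkg/-/example-evil-pkg-1.0.3.tgz",
        "https://registry.npmjs.org/@scope/pkg/-/pkg-1.0.0.tgz",
        "https://files.pythonhosted.org/packages/py3/t/totally_fine_lib/totally_fine_lib-2.1.0-py3-none-any.whl",
        "https://evil.example/payload.bin",
    ]
    for url, domain_v, package_v in evaluate(sample):
        print(f"{domain_v:5} | {package_v:10} | {url}")
```

The point the example makes is in the first row of its output: the domain-level check allows the request because registry.npmjs.org is a trusted host, while the package-level check identifies the exact artifact (name and version) and blocks it. A CLI package manager never touches a browser policy, so the request looks identical to any other registry download until the package itself is examined.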
Supported Zscaler Internet Access Features
Extend Malware Defense to the Perimeter
Get edge protection with Zscaler ZIA to block open source malware that is requested from public registries.
Gain Open Source Malware Intelligence
The Zscaler integration applies Sonatype malware intelligence with deep package-level inspection to determine threat status in real time.
Stop Malware in Shadow Downloads
Extend your existing Zscaler investment by blocking open source malware at the edge.
Increase Security Beyond The Repository
Close a critical blind spot in perimeter defenses on top of your existing repository security.
Increase Malware Defense with Repository and Edge Security
Zscaler is a strong defender of internet access, but it’s not built to scan open source packages before they’re used in development. That’s not a shortcoming—it’s simply not its purpose. Sonatype extends Zscaler secure internet access protection by focusing on software supply chain risks that require deeper, package-level intelligence.
With Sonatype + Zscaler, you gain a layered defense strategy. Together, they stop both traditional web threats and open source malware, reducing the risk of unvetted components and malicious packages slipping through the cracks.
Complete OSS coverage at the network level
Reduced manual effort
Eliminate the need for developers or security teams to manually vet components
Maximized security investment
Extend the value of your Zscaler deployment by securing open source supply chains
Sonatype + Zscaler ZIA = Ultimate repository and edge security
Zscaler is purpose-built for securing internet access and cloud application traffic. Sonatype specializes in safeguarding open source usage and the software development lifecycle. Together, they offer full-stack security—seamlessly integrated. With Sonatype’s Repository Firewall plugin for Zscaler, your organization can stop malware earlier, reduce developer exposure, and reinforce trust in every component you use.
Frequently Asked Questions
Does Zscaler already block malware?
Yes, it blocks traditional malware, phishing, and dangerous sites. The Zscaler integration with Sonatype Repository Firewall enhances that capability by addressing open source-specific threats for enhanced edge protection.
What does the Zscaler integration block?
It blocks open source malware requested from public registries such as npmjs.org or pypi.org. Requests are evaluated with Sonatype's malware intelligence, and suspicious packages are blocked or quarantined at the edge before they reach a developer machine or CI pipeline.
What makes open source malware different?
It hides inside dependencies downloaded from trusted domains, so a domain-level filter sees an allowed host and lets the request through. Detecting it requires package-level inspection, which also covers the CLI tools developers use that bypass browser-based security policies.
Does this require Nexus Repository?
No. This plugin works independently of Nexus and is ideal for organizations without a central repository manager.
How does the plugin block threats?
It inspects requests to public OSS registries, evaluates each package with Sonatype's malware intelligence engine to determine its threat status in real time, and blocks or quarantines anything suspicious at the network edge.