Block malicious components
Block malicious and suspicious packages until they’re confirmed or cleared by Sonatype’s security research team.
Stop vulnerabilities automatically
Prevent known vulnerabilities and harmful open source releases from downloading into your repository.
Release cleared components
Automatically release cleared components back into your development pipeline for maximum efficiency.
Automate your policy enforcement
Set policy based on risk tolerance
Decide which components are allowed into your SDLC based on risk factors like age, popularity, and licensing credentials.
Protect against the unknown
Set policy to block suspicious components, even before they are publicly disclosed as vulnerable.
Configure automatic compliance
Prevent applications from moving forward with unwanted or unapproved components.
Universal repository support
Sonatype Nexus Repository Pro
Better together: Protect your Sonatype Nexus Repository (Pro) with Firewall.
JFrog Artifactory
Using Artifactory? No problem.
Sonatype Repository Firewall supports JFrog’s Artifactory.
Enterprise protection from attacks
Protection from unknown vulnerabilities: Yes for npm, PyPI
Hosted repository protection from namespace confusion attacks
Automatic release from quarantine
Automated version replacement for dependencies
New reports and views for application security and developers
Improved developer experience
Support for Artifactory Enterprise