Sonatype Introduces Next Generation Dependency Management | Press Release

For Legal and Compliance Officers

Easily promote conformity with open source rules and regulations

Legal_Page_Banner_Illustration

Smarter risk management professionals use Nexus solutions to eliminate open source risk.

Legal_Page_Banner_Illustration

Smarter risk management professionals use Nexus solutions to eliminate open source risk.

Smarter risk management professionals use Nexus solutions to eliminate open source risk.

Legal_Page_Banner_Illustration@4x

Smarter risk management professionals use Nexus solutions to eliminate open source risk.

Legal_Page_Banner_Illustration@4x

Pillars of Open Source Compliance 

Bar_Purple

Transparency into binding open source licencing requirements before, during and after the software development process.

Bar_Coral

Avoiding copyright infringement by understanding "copyleft" legal obligations within third-party code.

Bar_Azure

Having a full Software Bill of Materials (SBOM) for shipped applications to prove third-party licensing obligations and copyright requirements.

Get your FREE Software Bill of Materials

SCAN YOUR APP

Get your FREE Software Bill of Materials

SCAN YOUR APP

Comprehensive Database of Open Source License Obligations

The most comprehensive database of open source license obligations

The Sonatype License Obligation Review tool (LORT) is a curated database of open source license obligations across multiple categories, types, and threat groups. LORT helps open source governance teams clearly understand their license obligations to better define policies.

Comprehensive Database of Open Source License Obligations

The most comprehensive database of open source license obligations

The Sonatype License Obligation Review tool (LORT) is a curated database of open source license obligations across multiple categories, types, and threat groups. LORT helps open source governance teams clearly understand their license obligations to better define policies.

License obligations and full license text in a single dashboard

LORT displays all license obligations including non-standard terms, copyright information, and commercial use restrictions in a single view. Legal teams save time from manually reviewing every open source license to identify risk. LORT includes:

  • Every major open source license with the full license text.
  • Each obligation for a license no matter how obscure.
  • Easy-to-use searching for specific keywords (for example, which licenses have a “nuclear” exclusion).
  • Filters to sort licenses by License Threat Group (LTG), License Name, and Reviewed Status.

License Obligations Dashboard

License Obligations Dashboard

License obligations and full license text in a single dashboard

LORT displays all license obligations including non-standard terms, copyright information, and commercial use restrictions in a single view. Legal teams save time from manually reviewing every open source license to identify risk. LORT includes:

  • Every major open source license with the full license text.
  • Each obligation for a license no matter how obscure.
  • Easy-to-use searching for specific keywords (for example, which licenses have a “nuclear” exclusion).
  • Filters to sort licenses by License Threat Group (LTG), License Name, and Reviewed Status.

Continue Your DevSecOps Transformation Journey

Creditreform Case Study

How Others Automate Open Source Security

Creditreform uses the Nexus Platform to scale vulnerability detection.

LEARN MORE
SCA Solution Whitepaper

What to Consider When Selecting an SCA Solution

Read how your peers proactively control open-source use to better manage risk. 

READ MORE
Free Application Scan

See if Your Applications Are Secure

Use Nexus Vulnerability Scanner and find out if your open source has licencing requirements. 

SCAN AN APP

Ready to Try Nexus Products?

Sonatype, A Better Way to Build

Schedule a Demo
Twitter LinkedIn Facebook Instagram YouTube GitHub
Products
Security Research
Solutions
Resources
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia 
London Office - 168 Shoreditch High Street, E1 6HU London

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Event Terms and Conditions