Sonatype Nexus Firewall Valuable Features
Senior Cyber Security Architect and Engineer at a computer software company with 10,001+ employees
The Nexus Firewall itself, with its sheer ability to ensure that you're downloading safe code, is a big win for our environment.
Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you.
When you go to the IQ Server dashboard, it will tell you, "Version 1.2 is not good. You should upgrade it to version 1.3." You have that visibility, and you can whitelist things based on your business justification, and you can add notes in there as well.
In terms of securing our software supply chain, what we're trying to do is set things up so that they're upstream from our developers' work stations. Aside from downloading the code safely through Sonatype, a second way is by pushing our developers' code into a repository and Sonatype will do the security evaluation. You can use it as a hosted repository, versus using ADO which does not provide security evaluation and scanning. It helps bring open source intelligence and policy enforcement across our SDLC.View full review »