Sonatype Nexus Lifecycle Primary Use Case

EdwinKwan
Security Team Lead at Tyro Payments Limited
It's mainly used to scan for security issues in any components that we use. There are two parts to it, the license part and the security part. We use it generally for the security, but we also do have scans for the license stuff too. View full review »
ConfigManag73548
Configuration Manager at a health, wellness and fitness company with 5,001-10,000 employees
Our primary use case is preventing major security vulnerabilities. We use it as part of build our pipeline. We have a plugin that gets scanned by Sonatype as the build runs and it scans for all third-party dependencies. We haven't yet gotten to the point where we fail a build, but we make the matrix visible so we know where we need to focus. In the coming months, we plan to actually start failing builds and preventing releases which have certain vulnerabilities, from going into production. View full review »
Charles Chani
DevSecOps at a financial services firm with 10,001+ employees
We use it to automate DevSecOps. View full review »
Find out what your peers are saying about Sonatype Nexus Lifecycle vs. WhiteSource and other solutions. Updated: October 2019.
382,547 professionals have used our research since 2012.
Devin Duffy
Information Security Specialist at a financial services firm with 1,001-5,000 employees
We use it * to check if a software package has a vulnerability * for enforcement of quarantines on the proxy level * for housing all of our artifacts that we build in-house. View full review »
Russell Webster
VP and Sr. Manager at a financial services firm with 1,001-5,000 employees
The Lifecycle product is for protection, and licensing vulnerabilities issues, in our build lifecycle. View full review »
SrLeadSo5b76
Sr Lead Solution Services at a financial services firm with 201-500 employees
Our primary use case is for the SAS testing. This is the dynamic composition analysis that we need to do. In our apps, we do a lot of bespoke development and use a lot of third-party components. Therefore, it is critical to know what number is embedded within the third-party components that we may not directly be responsible for. The main use case is for scanning and ensuring that the deployments that we are adding to our servers is as secure as we can make it. We use it for scanning alone. That is our way of mitigating risk. We just upgraded to the latest version. View full review »
Axel Niering
Achitekt at SV Informatik GmbH
Our use case is to check and evaluate third-party libraries for vulnerabilities and licensing problems. We are integrating it into our build pipeline as well. View full review »
JavaDevef0ca
Java Development Manager at a government with 10,001+ employees
We use it as a repository or manager. We store all our software application artifacts. We also use it for the vulnerabilities. View full review »
ManojKumar9
Systems Analyst at Thrivent Financial for Lutherans
The solution is mainly providing security, as well as creating threshold values. In terms of dependencies, it helps us with which ones are used and which are not, which need to be kept, which do not need to be kept. View full review »
Gus Orologas
Lead IT Security Architect at a transportation company with 10,001+ employees
We're using it for looking at code libraries, for its automatic build process for cloud. We want to look at code libraries that have security, to make sure that there are no vulnerabilities in the code libraries that people are uploading, and we want to do that early in the process so it's not being caught at the tail end. We use it to automate open source governance and minimize risk. View full review »
Find out what your peers are saying about Sonatype Nexus Lifecycle vs. WhiteSource and other solutions. Updated: October 2019.
382,547 professionals have used our research since 2012.
Sign Up with Email