Sonatype Reviews

Russell Webster
Real User
VP and Sr. Manager at a financial services firm with 1,001-5,000 employees
Jul 04 2019

What is most valuable?

Its core features are the most valuable: * protection * scanning * detection * notification of vulnerabilities. It's important for us as an enterprise to continually and… more»

How has it helped my organization?

Without it we didn't have any way to detect vulnerabilities except through reactive measures. It's allowed us to be proactive in our approach to vulnerability detection… more»

What needs improvement?

Overall, it's pretty good. The drill-through and search capabilities are pretty good, they're not horrible. As far as the relationship of, and ease of finding the… more»

What's my experience with pricing, setup cost, and licensing?

Pricing is decent. It's not horrible. It's middle-of-the-road, as far as our ranking goes. They're a little bit more but that's also because they provide more. They put… more»

If you previously used a different solution, which one did you use and why did you switch?

We did not have a solution with this type of capabilities. We had some type of Nexus product but we layered this on top. We didn't have that capability.

What other advice do I have?

In the early stages of planning and design for rolling this out, ensure that you get all of your stakeholders involved; those who will have an input on the policy… more»

Which other solutions did I evaluate?

We looked at Artifactory as well. We went with Sonatype because it is more comprehensive, it's a market leader, has a great feature set, and support is really good. It's a… more»
Hagen Rahn
Real User
Senior Software Engineer at SYSTEMA Systementwicklung Dipl.-Inf. Manfred Austen GmbH
Feb 22 2019

What is most valuable?

The primary feature is that I now have the ability to provide a central platform for storing build artifacts; a concise way for any project team to store its build with… more»

How has it helped my organization?

First of all, we now have a well-documented process on where to find any build result produced within the last two years. This documentation has been made available to the… more»

What needs improvement?

I'm looking forward to getting things like automatic governance done, but the bigger priority I'm waiting for is a feature to have hot publication between several Nexus… more»

What's my experience with pricing, setup cost, and licensing?

In my opinion, the pricing is very fair and very customer-oriented. It's much better than any other tool I have used so far.

If you previously used a different solution, which one did you use and why did you switch?

We started off with several, local, self-deployed strategies like shared devices and web servers hosting some results. We even stored build results on a source code… more»

What other advice do I have?

Our company is about 25 years old. When we started developing stuff in Java, we didn't have much tool support and, as we are a company that integrates other systems, we… more»

Which other solutions did I evaluate?

We began to evaluate different Maven-based repository managers, so we had Artifactory, Nexus, Archiva from Apache, and IBH SYSTEMS. After an evaluation period of three to… more»
Sign Up with Email