Its security is also pretty good, and its listing about the severities is also good." "Lifecycle lets developers see any vulnerabilities or AGPL license issues associated with code in the early stages of development. My team deployed new versions on that same day and successfully eliminated the vulnerabilities, so right now, the best feature of Sonatype Nexus Lifecycle is finding which applications have vulnerabilities." "Its engine itself is most valuable in terms of the way it calculates and decides whether a security vulnerability exists or not. My team couldn't find which applications had the vulnerability initially, but using Sonatype Nexus Lifecycle helped. Still, one of the best functions of the product is the guidance it gives in finding which components or applications have vulnerabilities.įor example, my team had a vulnerability or a CVE connected to Apache last week. "Vulnerability detection accuracy is good." "Due to the sheer amount of vulnerabilities and the fact that my company is still working on eliminating all vulnerabilities, it's still too early for me to say what I like most about Sonatype Nexus Lifecycle.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |