Sonatype Releases New Version of Free Repository Health Check
May 24, 2017

Sonatype released the next generation of its free Repository Health Check (RHC) feature within its flagship Nexus Repository product.

As of today, all 120,000 organizations using Nexus will benefit immediately from the ability to automatically analyze the quality and security of open source software components housed within their Nexus Repository as part of their DevOps pipeline.

While open source and third-party software components bring greater efficiency to application development, they are not without their weaknesses. According to the 2017 DevSecOps Community Survey, 1-in-5 organizations confirmed or suspected a breach related to known vulnerabilities in open source components used in their applications -- up 50% over the past three years.

With the introduction of the next-generation RHC, Nexus Repository users can now automatically identify open source security risks at the earliest stages of their DevOps pipeline.

Specifically, the RHC feature empowers software development teams with three important capabilities:

- Provides actionable guidance on which components housed in the repository manager should be upgraded or replaced.

- Prioritizes the list of vulnerable components by severity and impact, detailing how many times each component was downloaded from the repository manager by developers in the past 30 days.

- Reveals month-over-month metrics on the hygiene of the organization’s software supply chain to identify improving standards or worrisome trends.

“To maximize velocity and quality, DevOps-native teams must address security issues at the beginning -- not the end -- of the development lifecycle,” said Wayne Jackson, CEO of Sonatype. “Sonatype was first to market with the Repository Health Check capability in 2012 and today it evaluates more than 50 million components across 25,000 repositories every day. With our next-generation features, Nexus Repository customers can feel confident their development practices are building in security from the start.”

The next-generation RHC feature is available now as part of the Nexus Repository 3.3 release.

Share this

Industry News

May 12, 2022

Red Hat introduced Red Hat Enterprise Linux 9, the Linux operating system designed to drive more consistent innovation across the open hybrid cloud, from bare metal servers to cloud providers and the farthest edge of enterprise networks.

May 12, 2022

Couchbase announced version 7.1 of Couchbase Server.

May 12, 2022

Copado added Copado Robotic Testing to Copado Essentials.

May 11, 2022

Red Hat announced new advancements within its Red Hat Cloud Services portfolio, delivering a fully-managed and streamlined user experience as organizations build, deploy, manage and scale cloud-native applications across hybrid environments.

May 11, 2022

JFrog introduced a new Docker Desktop Extension for JFrog Xray that allows organizations to automatically scan Docker Containers for vulnerabilities and violations early in the development process.

May 11, 2022

Progress announced a series of updates in Progress Telerik and Progress Kendo UI.

May 11, 2022

Vultr announces that Vultr Kubernetes Engine (VKE) is generally available.

May 10, 2022

Docker announced new features and partnerships to increase developer productivity. Specifically, the company announced Docker Extensions which allow developers to discover and add complementary development tools to Docker Desktop.

May 10, 2022

Red Hat announced the general availability of Red Hat Ansible Automation Platform on Microsoft Azure, pairing hybrid cloud automation with the convenience and support of a managed offering.

May 10, 2022

The Fedora Project, a community-driven open source collaboration sponsored by Red Hat, announced the general availability of Fedora Linux 36, the latest version of the fully open source Fedora operating system.

May 10, 2022

Progress announced the release of Progress Chef Cloud Security, extending DevSecOps with compliance support for native cloud assets and enabling end-to-end management of all on premise, cloud and native cloud resources.

This new offering is complemented with new capabilities across the Chef portfolio targeting DevOps success in the most demanding and complex enterprise deployments.

May 10, 2022

Platform9 announced new platform capabilities in Platform9 5.5 that make it easier for cloud-native development and operations teams to build, scale, and operate apps and Kubernetes clusters in the cloud, on-premises, and at the edge.

May 09, 2022

Red Hat and Accenture have expanded their nearly 12 year strategic partnership to further power open hybrid cloud innovation for enterprises worldwide.

May 09, 2022

Opsera has partnered with Mindtree.

May 09, 2022

Mendix announced that Mendix Workflow for process automation is now generally available.