Free assessments of your open source & 3rd party components

Repository Health Check

Inventory the components in your Nexus repository to spot known security or license issues. Not using Nexus? Try it for free.


Application Health Check

Inventory the components in an application to discover known security or license issues. Create a bill of materials.


More information about open source vulnerabilities and visibility

Finding Known Software Vulnerabilities

Modern software is assembled from a wide variety of reusable software "building blocks", largely open source components downloaded from public repositories or third-party commercial components. Due to a lack of visibility and automation, developers inadvertently choose components with known security vulnerabilities and restrictive licenses. In fact, defective and outdated components are often chosen when better and safer versions have been available for years.


Software Bill of Materials

Similar to a "bill of materials", which is used in traditional manufacturing supply chains to track the suppliers, parts and versions used to build products, a "software bill of materials" (also known as a BoM) is used to inventory the components used to build software. Find out why it's important, what to look for when choosing a BoM provider, and what Sonatype provides.
