キャプテラ - 日本企業の最適な
ソフトウェア選びをサポートし17年
Nexus Lifecycleとは?
SonatypeのNexusプラットフォームでは、オープンソースのガバナンスを自動化して、リスクを減らし、ソフトウェアのイノベーションを加速させることができます。ソフトウェア開発者、アプリケーション・セキュリティ・プロフェッショナル、およびDevSecOpsの専門家が、リリースの迅速化、誤検出の削減、開発者向けの詳細な是正ガイダンスの提供のために、質の高いNexusの脆弱性インテリジェンスを活用することができます。
Nexus Lifecycleの対象ユーザー
ソフトウェア開発者、アプリケーション・セキュリティ・プロフェッショナル、DevSecOpsの専門家
Nexus Lifecycleをご存知でしょうか?
別の人気製品との比較
Nexus Lifecycle
Nexus Lifecycleの他のおすすめ代替製品
Nexus Lifecycleの評判・レビュー
vulnerability analysis tool
製品を使ってみた感想: my experience with Nexus Lifecycle is that it allows me to identify and secure vulnerable devices when doing development, which really allows me to work with peace of mind and confidence
良いポイント:
Firstly, what is good about Nexus Lifecycle is that it is easy to install and use, it supports several types of packages, has very good documentation and is available in several languages. secondly, the vulnerability feature is excellent when it comes to application vulnerability analysis
改善してほしい点:
First of all, Nexus Lifecycle is more expensive than its competitors, so access to the paid version is not available to everyone, Then, its interface is often heavy when adding several components
Binary Repository for the large enterprise
製品を使ってみた感想: It's fairly easy to install, pricy from the enterprise version, supports all packages types.
良いポイント:
The Open Source version has enough functionality (comparing to competitors) to be one of the best in its field. It has vast support for all packages type and the installation is fairly easy
改善してほしい点:
The issue will begin once you like to move from the Open Source version to the commercial one, it is pricy (again comparing to the competitors) it has a business module of per user per year cost and if your budget is limited you would find yourself with an issue of funding it. It is not the best in line with the enterprise versions out there.
Automatic vulnerability detection and mitigation tool in software development process
製品を使ってみた感想: I primarily used the tool to detect supply chain vulnerability to mitigate attacks for the development team.
良いポイント:
Easier to install, and use and helping our team in mitigating supply chain attacks.
改善してほしい点:
It has a high per-year basis subscription and is not up to the mark with the other competitor with similar costs
Powerful artifact manager, but has some rough edges
良いポイント:
Supports all major artifact types, such as npm, helm, docker, etc. Powerful integrations with major 3rd party tools.
改善してほしい点:
Open source version does not allow integrating with non-Maven deployment types, making it difficult to evaluate even for those preparing to use enterprise version.
