![]() ![]() ![]() ![]() The results of a Nexus Lifecycle scan appear directly within the Azure DevOps build pipeline so it is easy to understand what open source components are being used and if they violate any of your open source policies. Automate your open source policies with confidence and deliver applications at scale by eliminating manual approval processes and whitelists/blacklists. Nexus Lifecycle provides the most precise intelligence regarding security vulnerabilities, license risk, and architectural quality of open source components and delivers that information directly within Azure DevOps as well as other tools in the DevOps toolchain. In a DevOps world, the only way to deliver secure applications at scale is to rely on precise intelligence about the quality of the open source components used within those applications. Once the scan is complete, the results are displayed within Azure DevOps with a link to the Nexus Lifecycle policy report for violation details and expert remediation guidance. As a new step within the build, the application is scanned by Nexus IQ to identify any open source security, license, or quality policy violations and can be configured to fail the build or generate a warning. The Nexus IQ Extension for Azure DevOps enforces open source governance policies within the CI phase. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |