Security & code scanning

Hi Team,

We are using Nexus OSS and wanted a few details regarding the current security and compliance posture of the Nexus application.

Also, do you use code scanning tools to identify and remediate vulnerabilities in your application? If so, can you please share more details about it?


Hi @loganathan.balakrishnan! Moving this to the Nexus Repository Manager category for more visibility.

@loganathan.balakrishnan Thanks for your question. As you may know, Sonatype is an industry leader in vulnerability detection. Here’s our public statement on Nexus Repository’s security posture.

If you’re looking to secure your development infrastructure, we’d be happy to talk further with you or your security team.