I would give the solution eight out of ten. I would look at the comparison of Sonatype to some other firewalls. There is room for improvement, especially mentioning container support and AI packages.
Senior Cyber Security Architect and Engineer at a computer software company with 10,001+ employees
Real User
Mar 18, 2021
You should have some knowledge of Linux before implementing it, because to set up the rsync and to make sure your data is being replicated and that it's HA, you need to know Linux. We took a look at the demo of Nexus Container and, although I haven't used it hands-on so I cannot say too much about it, it looks like a freaking awesome product. We are in the process of evaluating it and may do a PoC. It looks like it's easy to use, easy to integrate, and does not require a lot of RAM or storage. You can install it on existing Kubernetes clusters, so there's not a lot of infrastructure needed. Using it, I expect we'll find out if the images that we're downloading for the containers are secure or not. It's definitely worth taking a look at it. Default policies are never really a good idea, anywhere. You need to adjust them based on your environment's needs. When we deployed Sonatype, the policies were not automatically configured so that if a packet is malicious it would block it. You need to manually set those up. But their policy engine provided the flexibility that we need. It was really a quick, easy setup. The biggest lesson I've learned from using Sonatype is that open source security is very important and it's getting crazy these days, because there's so much hacking and so many breaches going on, so much vulnerability. Even Microsoft codes and some of the packages in PyPI are not secure. You trust a repository like Microsoft or PyPI, but there are still some vulnerabilities out there. That is why it was so important for Sonatype to be implemented in our environment.
I would rate the solution an eight out of ten.