Audience

Developers

About Nexus Auditor

Know what production apps are made of. Nexus Auditor automatically generates a software bill of materials to identify open source components used within 3rd party or legacy applications. Get a complete list of open source components included within your app to quickly identify components that violate your open source policies.

Nexus Lifecycle
Nexus Lifecycle
Continuously secure your entire software supply chain. With a Chrome browser extension, developers know if an open source component is vulnerable when selecting from public repositories. With integration to the most popular IDEs, developers can select the best components based on real-time intelligence and move to an approved version with one click. Nexus Lifecycle integrates with Eclipse, IntelliJ, and Visual Studio. Nexus Lifecycle integrates with GitHub, GitLab, and Atlassian Bitbucket to automatically generate pull requests for components that violate open source policies. Developers can easily see what versions they should use in order to fix violations — no more guessing what version to upgrade to. Development teams can trust that the PR is accurate because only Nexus Lifecycle has the precision and accuracy from Nexus Intelligence to eliminate the noise found in other automated dependency management solutions.
Learn more
FossID
FossID
Software Composition Analysis (SCA) FossID Workbench enables precise identification of open source components and vulnerabilities. It integrates into software development cycles, providing license recognition, proactive security checks, and detailed compliance reporting. FossID Workbench is available across various industries and helps to ensure that organizations can confidently meet their legal, security, and operational needs in open source software management. Comprehensive Scanning Creates a thorough and complete software bill of materials (SBOM) that catalogs all open source in use, regardless of how it made its way into the codebase. Detailed Reporting Ensures distribution compliance by generating reports, notices files, and copyright statements. Integration & Extensibility Features custom workflows, performing administrative tasks, generating reports, and more with the API.
Learn more
Revenera SCA
Revenera SCA
Take control of your open source software management. Empower your organization to manage open source software (OSS) and third-party components. FlexNet Code Insight helps development, legal and security teams to reduce open source security risk and manage license compliance with an end-to-end system. FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk while you build your products and during their entire lifecycle. Manage open source license compliance, add automation to your processes, and implement a formal OSS strategy that balances business benefits and risk management. Integrate with build tools, CI/CD and SCM tools, artifact repositories, external repositories or build your own integrations using the FlexNet Code Insight REST API framework to make code scanning easy and effective.
Learn more
CycloneDX
CycloneDX
OWASP CycloneDX is a lightweight Software Bill of Materials (SBOM) standard designed for use in application security contexts and supply chain component analysis. Strategic direction and maintenance of the specification is managed by the CycloneDX Core working group, with origins in the OWASP community. A complete and accurate inventory of all first-party and third-party components is essential for risk identification. BOMs should ideally contain all direct and transitive components and the dependency relationships between them. Adopting CycloneDX allows organizations to quickly meet these minimum requirements and mature into using more sophisticated use cases over time. CycloneDX is capable of achieving all SBOM requirements defined in the OWASP Software Component Verification Standard (SCVS).
Learn more

Integrations

See Integrations

Ratings/Reviews

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Company Information

Sonatype
Founded: 2008
United States
www.sonatype.com/nexus/auditor

Videos and Screen Captures

Nexus Auditor Screenshot 1
Nexus Auditor Screenshot 1
You Might Also Like
Azavista Event Management Software Icon
Azavista Event Management Software

Plan smart, execute better with Azavista’s cloud-based event management platform for on-site and virtual events.

Azavista is the all-in-one Event Management solution that helps corporate, and conference professionals improve the experience and streamline venue planning. Offering a platform and Visitor Management tools that handle any event; the software is scalable with loads of features, like the ability to create notices when specific guests arrive or setting threshold limits for the number of attendees.
Learn More

Product Details

Platforms Supported
SaaS

Nexus Auditor Frequently Asked Questions

Q: What kinds of users and organization types does Nexus Auditor work with?
Q: What languages does Nexus Auditor support in their product?
Q: What other applications or services does Nexus Auditor integrate with?

Nexus Auditor Product Features

Compliance

Audit Management
Risk Management
Controls Testing
HIPAA Compliance
Archiving & Retention
FDA Compliance
Sarbanes-Oxley Compliance
ISO Compliance
OSHA Compliance
Environmental Compliance
Version Control
Compliance Tracking
Incident Management
Workflow / Process Automation
Surveys & Feedback
Artificial Intelligence (AI)
Page Already Claimed. Claim Again?