Sonatype

×

Lesson Category: Free

Creating and Managing Users

Objectives By the end this lesson, you will be able to:  Articulate the ways to create new users.  Describe various ways to manage users.  Describe how to create LDAP connections and LDAP user groups. Scenario: Managing Users, Privileges, and Roles In this scenario, we introduce Jane, a Repository Administrator, working at a small enterprise onboarding NXRM. …

Creating and Managing Users Read More »

Course Summary

Congratulations!You have completed this course.  You are now able to: Determine the steps to remediate risk as related to security vulnerabilities and policy violations. Identify the steps to choose better open source components within applications, prioritizing remediation. Resources Need more help? We have you covered: community.sonatype.com for asking questions and connecting with the Nexus Community my.sonatype.com for all …

Course Summary Read More »

Lesson 4 – Copy

By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three Add / Remove as needed <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ add and remove as needed Review this video to… Lesson 4 Summary Summary Statement One Summary Statement Two …

Lesson 4 – Copy Read More »

Lesson 2 Summary

Lesson 2 Summary Congratulations, you’ve completed Lesson 2! Now you are able to identify the appropriate path to remediation: Upgrade to a non-vulnerable version of the same component. Migrate to a component that does not contain violations. Start a Risk Management Process, knowing you may incur technical debt.

Remediation Workflows

Objectives By the end this lesson, you will be able to: Articulate the importance of the best possible open-source components. Identify the difference between Policy and Security violations. Detect when a violation has occurred. Determine the steps to remediate risk. The Importance of Remediation Now that IQ server is successfully set up and you are running …

Remediation Workflows Read More »

Fixing Violations

Objectives By the end of this lesson, you will be able to identify the appropriate path to remediation: Upgrade to a non-vulnerable version of the same component. Migrate to a component that does not contain violations. Start a Risk Management Process, knowing you may incur technical debt. Now that your plans are in place, watch …

Fixing Violations Read More »

Welcome to IQ-103 Component Remediation

This course will help you identify various workflows to remediate vulnerable components in your applications as identified by Nexus IQ Server. Questions for Reflection Consider the following questions. There are no right or wrong answers, just a few questions for reflection before you learn more about remediation in IQ Server. How can effective remediation techniques …

Welcome to IQ-103 Component Remediation Read More »

Who Is Responsible for Security

Everyone is responsible for security—not just the security team.  These include: Policy Creators Integration Participants Developer Participants. Each of these categories identify where certain roles in the software development lifecycle (SDLC) fall into the Nexus IQ process, along with their responsibilities. Policy Creators Policy creators are the subject matter experts in your organization who create and …

Who Is Responsible for Security Read More »

Where Do I Fit In?

The following section is a typical example of the software development lifecycle process and the various stakeholders involved. When you build your application, you pull OSS components from Nexus Repository.  Nexus Repository downloads components from places like Maven Central or other 3rd party repositories. Developers use those components, do some integration work, write their own …

Where Do I Fit In? Read More »