Sonatype

×

Lesson Category: Free

Who Is Responsible for Security

Everyone is responsible for security—not just the security team.  These include: Policy Creators Integration Participants Developer Participants. Each of these categories identify where certain roles in the software development lifecycle (SDLC) fall into the Nexus IQ process, along with their responsibilities. Policy Creators Policy creators are the subject matter experts in your organization who create and …

Who Is Responsible for Security Read More »

Where Do I Fit In?

The following section is a typical example of the software development lifecycle process and the various stakeholders involved. When you build your application, you pull OSS components from Nexus Repository.  Nexus Repository downloads components from places like Maven Central or other 3rd party repositories. Developers use those components, do some integration work, write their own …

Where Do I Fit In? Read More »

NXRM Security Essentials 100 – Summary

Congratulations!You have completed this course.  You are now able to: Identify essential parts of the Nexus repository OSS security model. Describe how security is managed through the configuration of users, roles, and privileges. Discuss content selectors and how you can use them to define the path for your development teams. Define realms within Nexus repository. Resources …

NXRM Security Essentials 100 – Summary Read More »

Roles – Assign User Privileges

Objectives By the end of this lesson, you will be able to: Describe how roles are used in NXRM3. Define the way in which roles aggregate privileges. Articulate the way that roles can be grouped to create complex roles. Assign User Privileges Roles assign users to a set of privileges. We can actually assign whole …

Roles – Assign User Privileges Read More »

Users – The Build Machine

Objectives By the end of this lesson, you will be able to: Identify the two, out-of-the-box, default users in NXRM3. Describe the relationship between users, roles and privileges. Discuss how you can easily create additional roles to build your access controls. Users – The Build Machine As we talk about different types of users in …

Users – The Build Machine Read More »

Privileges – Setting Repository Access

Objectives By the end of this lesson, you will be able to: Describe how privileges control access to specific functionality. Discuss how creating custom privileges can meet your organization’s needs. Setting Repository Access Privileges control access to specific functionality to any of the repositories that are installed or you have configured. An extensive list of default …

Privileges – Setting Repository Access Read More »

Course Summary

Congratulations!You have completed this course.  You are now able to: Identify risks and vulnerabilities in using open source software and ways to mitigate those risks. Articulate the benefits of using Nexus IQ. Describe where the developer fits into the Nexus IQ policy process. Define what a policy is. Recognize when remediation is required. Resources Need more …

Course Summary Read More »

Working With Nexus IQ Policies

Objectives By the end of this lesson, you will be able to: Articulate the definition of a policy Evaluate an application Decide when remediation is required What is a Policy in Nexus IQ Review this video to learn about policies in Nexus IQ. Now that you know more about IQ Server, and how it is used …

Working With Nexus IQ Policies Read More »