Congratulations!You have completed this course. You are now able to: Define DevSecOps, an extension of DevOps, which includes “pushing quality closer to the source” and “shifting security left” in the software development lifecycle (SDLC). Explain why DevSecOps is relevant for all modern software development organizations. List three ways legacy security processes can produce unintended outcomes for …
Congratulations! You have successfully mastered the tasks required to perform a local install of NXRM3 OSS. This includes downloading, setting up, and testing a sample application that pulls components from a public repository (all locally). For the purpose of this module, we used the example of NXRM3 OSS, proxying Maven components, hosting local components, and creating …
Congratulations!You have completed this course. You are now able to: Increase your awareness of Open Source Software (OSS) licenses. Explain why licenses are important to you when using OSS. Identify some of the risks if you are unaware of OSS license requirements. Explain how Sonatype’s Nexus Lifecycle can help you. Have a look at the course …
Congratulations!You have completed this course. You are now able to: Objective one statement Objective two statement Objective three statement Add/Remove as needed Resources Need more help? We have you covered: community.sonatype.com for asking questions and connecting with the Nexus Community my.sonatype.com for all things Sonatype help.sonatype.com for step-by-step instructions <Product> Specific (Examples below) NXRM3 Help Page Getting Started with NXRM3 …
Congratulations!You have completed this course. You are now able to: Describe the impact of making better component choices earlier in the SDLC Describe how Nexus IQ IDE Integration fits into the Sonatype Platform Determine the right place and time to introduce developer tooling into your DevSecOps process Articulate the differences between an IDE Integration analysis and …
Congratulations!You have completed this course. You are now able to: Differentiate between four main types of policies in Nexus IQ. Define various matches that result from the “other” policy type. Interpret each element of a policy. Describe the sections of the Application Composition Report. Identify the sections of the Summary tab. Describe the data in the …
Congratulations!You have completed this course. You are now able to: Identify the default users, roles, and key built-in privileges. Create and manage users. Create and manage roles. Map NXRM roles to external user groups (LDAP in this example). Assign privileges and users to roles. Resources Need more help? We have you covered: Nexus Repository Manager 3 …
Congratulations!You have completed this course. You are now able to: Determine the steps to remediate risk as related to security vulnerabilities and policy violations. Identify the steps to choose better open source components within applications, prioritizing remediation. Resources Need more help? We have you covered: community.sonatype.com for asking questions and connecting with the Nexus Community my.sonatype.com for all …
Congratulations!You have completed this course. You are now able to: Identify essential parts of the Nexus repository OSS security model. Describe how security is managed through the configuration of users, roles, and privileges. Discuss content selectors and how you can use them to define the path for your development teams. Define realms within Nexus repository. Resources …
Congratulations!You have completed this course. You are now able to: Identify risks and vulnerabilities in using open source software and ways to mitigate those risks. Articulate the benefits of using Nexus IQ. Describe where the developer fits into the Nexus IQ policy process. Define what a policy is. Recognize when remediation is required. Resources Need more …
