Sonatype

×
Sign In

Lesson Tag: Lesson 2

Additional Tooling

Sonatype provides many ways that you can add component intelligence to your development workflow that help you identify and select component information, recommended versions, and even migrate and remediate fixes, all in the environment you are already using. Below we have several use case scenarios for different plug-ins and when they will be helpful to …

Additional Tooling Read More »

IDE Plugins

Getting Started In this section, we’ll discuss the differences and review which IDEs are supported by Sonatype and what is available even if you don’t have an IQ Server license. Objectives By the end this lesson, you will be able to: List the IDEs that require an IQ Server license Identify which IDE works best for …

IDE Plugins Read More »

Lesson 2 Demo and Test Course – Private

Objectives By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ Add and remove as needed Review this video to…

How Are Your Open Source Software Components Being Managed (Or Not)?

According to the 2019 DevSecOps Community Survey, nearly 40% of software development organizations with 100 developers or less believe their current infosec teams/processes are slowing them down; nearly 53% of software development organizations with more than 5000 developers believe their current infosec teams/processes are slowing them down. When integral security processes are at odds with …

How Are Your Open Source Software Components Being Managed (Or Not)? Read More »

Maven Hosted Repositories

In the previous section, you learned how to set up a proxy repository to Maven Central and use that to cache components from the public repo. This is hugely beneficial and saves time, but what do you do with internal components that aren’t downloaded from a public repository, but are used by various development teams …

Maven Hosted Repositories Read More »

Components and Formats

Objectives By the end of this lesson, you will be able to:  Describe what components are in Nexus Repository Manager.  Explain how Nexus Repository manages components.  Describe what formats are and which are supported in Nexus Repository Manager.   Determine how Nexus Repository Manager will work with components and formats in your environment.  What are Components In Nexus …

Components and Formats Read More »

Prioritizing OSS Component Management in Your DevSecOps Strategy

Objectives By the end of this lesson, you will be able to: Explain the concept of a software supply chain, its risks, and how it applies to modern software development. List three ways legacy security processes can produce unintended outcomes for software developers. Present three compelling reasons that adopting a DevSecOps process makes good business …

Prioritizing OSS Component Management in Your DevSecOps Strategy Read More »

Maven Proxy Repositories

Objectives By the end of this lesson, you will be able to: Define the use of Maven and the Central repository. Install and configure Maven. Describe the need for proxy repositories. Identify the steps to create and populate a caching proxy repository in the Maven format. Explain how hosted repositories are used. Create maven-snapshots and maven-releases hosted repositories. About Maven Apache Maven …

Maven Proxy Repositories Read More »

OSS Licenses – What’s Important?

Objectives By the end of this lesson, you will be able to: Define software distribution and how it relates to your organization. Describe how open source licenses may affect patent rights in software. Define the “notice requirement” and ways you can comply. Identify whether you have “derivative work”. Decide whether incorporating GPL code into your …

OSS Licenses – What’s Important? Read More »