Sonatype

×
Sign In

Lesson Tag: Lesson 3

Remediation Assistance

Filtering the Component List If you have multiple projects loaded into your IDE and need to view a specific subset of results — the plugin has a Filter option that allows you to set the scope for the results displayed within the panel.  This could be useful when you need to review vulnerabilities pertaining to …

Remediation Assistance Read More »

Summary – Lesson 3

You have completed Lesson 2.  You are now able to: Using the Component Info tab to view vulnerabilities Viewing policy details Analyzing license types and risks  Analyzing security risks Taking the necessary steps to start remediating

Evaluating a Project

Assigning Your IDE Project and Triggering an Evaluation Once the IDE plugin has been successfully installed and configured the next step will be to associate your local IDE project with an IQ application so it can be evaluated against the defined policies. Here is an example of an Eclipse IDE with a WebGoat Java project …

Evaluating a Project Read More »

IDE Integration

Getting Started Sonatype’s IDE Integrations provides you with direct access to Sonatype’s comprehensive component intelligence right within your IDE. It measures your components against your organization’s open source governance policy. This helps you to pick components that align with policy. Objectives By the end of this lesson, you will be able to use the plugin …

IDE Integration Read More »

Lesson 3 Demo and Test Course – Private

Objectives By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ Add and remove as needed Review this video to …

Repository Types

Objectives By the end of this lesson, you will be able to: Explain the concept of a proxy repository. Explain the concept of a hosted repository. Explain the concept of a group repository. Identify the repository types needed in your organization. What are Repository Types? In Nexus Repository Manager there are three repository types—proxy repositories, …

Repository Types Read More »

Lesson 3 Title DevSecOps100

By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ Add and remove as needed Review this video to …

Configuring Group Repositories

Objectives By the end of this lesson, you will be able to: Understand the general purpose and capabilities of a repository group. Recognize the need for a repository group.  Demonstrate how to create a repository group via the Maven group recipe.  Demonstrate how to download components from the Central Repository through the repository group.  Demonstrate …

Configuring Group Repositories Read More »

Licenses Analysis

Objectives By the end of this lesson, you will be able to: Identify which licenses are declared and which are observed licenses. Identify ways to define custom policies to help guide your development teams. List the ways Sonatype’s Nexus Lifecycle can help you / your organization. View of Vulnerabilities Nexus Lifecycle catalogs all of the licenses you are using.  From that, it provides you …

Licenses Analysis Read More »