Sonatype Guide

What do you like best about the product?

Zero false positives in component identification and vulnerability reported for those built in Java and .NET.

What do you dislike about the product?

Doesnt work well for components developed in C, C++ and mobile languages

What problems is the product solving and how is that benefiting you?

Software composition analysis

What do you like best about the product?

Good documentation and plugins available to support almost every language

What do you dislike about the product?

Older version don't have as much support as newer ones and it takes a while to upgrade

What problems is the product solving and how is that benefiting you?

Automating deployments by have specific metrics come from nexus. It saves time and effort.

Recommendations to others considering the product:

Make sure the language you want to use is supported

What do you like best about the product?

I like the ease of use of the application.

What do you dislike about the product?

I'm unable to have more than one admin user.

What problems is the product solving and how is that benefiting you?

I'm solving my monthly vulnerability scanning issues
I'm able to identify mis-configurations on devices within the environment
I'm able to identify devices with missing patches within the environment
I'm able to identify vulnerable devices within the environment

Recommendations to others considering the product:

I would only consider using this product for small to medium sized companies.

What do you like best about the product?

Nexus is best vulnerability scanning tool to identify the vulnerabilities and misconfugration in server.

What do you dislike about the product?

Some time nexus generates the false positive result.

What problems is the product solving and how is that benefiting you?

Withe the nexus we are scaning our servers and patching the issues.

Recommendations to others considering the product:

Yes i recommends others to use nexus for Vulnerability scanning.