Nexus Firewall Extends Support for RubyGems and RPM

March 23, 2018 By Michelle Dufty


Today, we announced extended support for RubyGems and RPM components within Nexus Firewall. This means that every RubyGems and RPM component downloaded from public repositories is evaluated for license, security, and other risks. Nexus Firewall allows good components through, and bad components get stopped and quarantined at the front door. Nexus Firewall also supports this same capability for Java, .NET, npm, and PyPI components.


Our data research team identified over 34,000 vulnerabilities within RubyGems and RPM components, making it nearly impossible for DevOps teams to manually determine which ones are good and which ones are bad. With Nexus Firewall, open source governance policies are automatically evaluated when proxying public repositories, and components that don’t comply with policy are quarantined.

With GDPR right around the corner and in light of recent security breaches, it is important to shift security practices left. Nexus Firewall integrates automated security into the earliest stage of a DevSecOps pipeline to ensure organizations build applications that are secure by design.

Watch this video to see how it works and reach out if you want to learn more.

 

Tags: rpm, Nexus Firewall, rubygem, Product

Written by Michelle Dufty

Michelle Dufty is the Senior Director of Product Marketing at Sonatype where she brings solutions to market that unite development, security, and operations teams to accelerate software innovation while minimizing open source risk.