Considering Sonatype Auditor? You should, but know these things first

By Kadi Grigg on June 25, 2020 JIRA

3 minute read time

Nexus Auditor, in the right use case, is a solid, cost-effective solution. Is Nexus Auditor the solution for you? Maybe, maybe not. Here's how to find out.
Read More...

Workflow automation: Publishing artifacts to Sonatype Nexus Repository using Jenkins Pipelines

By Dmitriy Akulov on June 12, 2020 AppSec

8 minute read time

Use Sonatype Nexus Repository to create an automated workflow to build, store, organize, and monitor the compiled Maven artifacts through a CI server.
Read More...

How to publish Docker images on a private Sonatype Nexus Repository using Jib Maven plugin

By Awkash Agrawal on June 08, 2020 AppSec

4 minute read time

Learn how to publish Docker images to a private Nexus repository with the help of the Maven Jib plugin.
Read More...

Managing Nexus API Using Jenkins X

By Steve Boardwell on March 13, 2020 jenkins

6 minute read time

Steve Boardwell demonstrates how to create custom repositories in your Jenkins X managed Nexus server, and what is possible with the Nexus scripting API.
Read More...

Nexus Intelligence Insights CVE-2020-2100: Jenkins - UDP Amplification Reflection Attack Leading to Distributed Denial of Service (DDoS)

By Ax Sharma on February 12, 2020 vulnerabilities

6 minute read time

CVE-2020-2100 takes advantage of the fact that, by default, both UDP multicast/broadcast and DNS multicast traffic is enabled on Jenkins. Here's what to do.
Read More...

How to Publish Java Artifacts to Nexus Using Jenkins and Maven

By Daniel Hernández on February 07, 2020 Nexus Repository

4 minute read time

In this article we are going to explore how you can publish Java artifacts (.ear, .jar, .war) to Nexus 3 using Jenkins and Maven.
Read More...

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI

2 minute read time

Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.
Read More...

How to Deploy a Jenkins Cluster on AWS as Part of a Fully Automate CI/CD Platform

By Mohamed Labouardy on November 05, 2018 jenkins

11 minute read time

Following his Nexus User Conference talk on how to build a fully automated CI/CD platform on AWS, using Terraform, Packer & Ansible, Mohamed Labouardy goes.
Read More...

The Power of Data in DevSecOps

By Derek Weeks on January 28, 2018 OSS governance

2 minute read time

Better data improves mean times to repair in DevSecOps pipelines.
Read More...