Shift Security Left with the Sonatype Platform Browser Extension - Scan Open Source Repositories for known Vulnerabilities.
This extension for Chromium browsers works with the Sonatype Platform to empower developers to make better choices earlier in the software development lifecycle.
Connect this extension to your organization's Sonatype Lifecycle server and get instant risk insight as you browse public open source registries such as Maven Central (for Java), npm (for JavaScript), PyPI (for Python) and many more.
This extension supersedes our previous extension (Nexus IQ Chrome Extension), which is being retired by the end of 2023.
Latest reviews
- (2023-08-16) Neil Schloth: A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built into application code.
- (2023-08-10) Roy Decker: An awesome solution for researching open source components that are being considered for an application.
- (2023-07-14) Ben Hartley: The ultimate in shifting left!
- (2023-07-14) Patrick Kiessling: Nice!
- (2023-07-14) Paul Meharg: I find this very useful to get a preview of the security and legal implications of a component before I start to write code! Keeps me from creating technical debt from the git-go.
- (2023-07-14) Adam Such: Very useful plugin!
- (2023-07-14) Alexander Plattel: Excellent tool for looking at Open Source packages before you download them.
- (2023-07-11) Joseph Bernie: An extremely useful plugin for Sonatype customers!!