Webhooks Example: IQ and Slack Integration
Build a webhook and deploy it to a Serverless framework like AWS Lambda. The Serverless function will consume an IQ policy evaluation event and push a message about it to Slack.
Earlier today, Robert Hackett at Fortune published an eye opening report on the number of organizations who continue to download known vulnerable open source components. His focus for the article was specifically on the Struts web application framework. Why?
If you’re a Nexus Repository admin, you understand the importance of keeping a repository healthy. We recently made a few changes to Repository Health Check (RHC) to help you in this quest. It now surfaces oft-used vulnerable components and gives the information you need to research and remediate those components.
In 2017, 57% of all participants in the DevSecOps Community survey confirmed that, yes, they did have an open source policy. In 2018 this has risen to 64% - but 35% say they ignore it.
Firewall on Repository Manager OSS
Take the Good. Leave the Bad and the Ugly.
