Excellent Product Suite - Enables Proactive Vulnerability & SBOM Management
November 16, 2023

Frederick Farber | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Modules Used

  • Nexus Repository Pro
  • Nexus Firewall
  • Nexus Lifecycle
  • Nexus Lifecycle Add-On - Advanced Legal Pack

Overall Satisfaction with Sonatype Platform

Top tier platform for identifying, remediating and managing known source code vulnerabilities across a large portfolio of applications. We incorporated Nexus Lifecycle scanning into our end to end pipelines with great success.
  • Vulnerability identification and best path to remediation.
  • Very well supported platform - exceptional customer service.
  • Ongoing monitoring of last released BOM per application and alerting of new vulnerabilities.
  • Recommendations for best Energy Consumption options based on existing BOM - e.g. replace component X with component Y to reduce CPU cycles.
  • More specific recommendations regarding Open Source Licensing - not just saying "Copyleft" but the next level of analysis (it's difficult - but would save a lot of time)
  • Provide specific component replacement options where no "next version" resolves a high severity vulnerability.
  • Vulnerability Identification / Remediation Guidance
  • Relatively simple ingest/onboarding process per application
  • Outstanding support
  • Enabled us to be more proactive on vulnerability remediation
  • Significant reduction in legacy technical debt
  • Being proactive with monthly touchpoints to keep our progress moving forward
  • Black Duck Software Composition Analysis (SCA)
Sonatype seemed like a more complete platform.

Do you think Sonatype Platform delivers good value for the price?

Yes

Are you happy with Sonatype Platform's feature set?

Yes

Did Sonatype Platform live up to sales and marketing promises?

Yes

Did implementation of Sonatype Platform go as expected?

Yes

Would you buy Sonatype Platform again?

Yes

Product suite fits nicely in a large enterprise environment with a lot of applications.

Sonatype Platform Support

Monthly touchpoints with Sinisa have been very valuable.

Pros
  • Quick Resolution
  • Good followup
  • Knowledgeable team
  • Problems get solved
  • Kept well informed
  • No escalation required
  • Immediate help available
  • Support understands my problem
  • Support cares about my success
  • Quick Initial Response

Cons
  • None
I don't remember if we purchased this option or not.
Sonatype provides ongoing monthly support which has been valuable and timely.