Nexus Vulnerability Scanner is a tool that scans your application for vulnerabilities and gives you a report on its analysis.
According to Sonatype, the average application consists of around 100+ open-source components and has around 20+ vulnerabilities.
Obviously, with so many potential weak points in your application, it’s not deployment ready. And ignoring the security of your application might affect the business.
Once you’ve developed your application and made sure that it works as expected, you should concentrate on how secure the application is.
Now, let me show you how you can use Nexus Vulnerability Scanner to scan your application.
Setting Up Nexus Vulnerability Scanner
The first step is to download the tool. You can find it here. To access the tool, you have to fill out a simple form and then click on the download button.
The application you have to download is small, so it won’t take much time.
Once the download is complete, extract the contents from the downloaded file. That’s it! You’ve set up the scanner!
Using Nexus Vulnerability Scanner
Now, to start the application, go to the application folder and execute the application-check file.
After the application starts, you’ll see the application window. It will ask you to select the application in which you want to find vulnerabilities.
Sonatype Sample Applications
*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Omkar Hiremath. Read the original post at: https://blog.sonatype.com/nexus-vulnerability-scanner-and-vulnerability-analysis