Cloud Architect at a tech vendor with 10,001+ employees
Real User
Top 10
Apr 28, 2026
I recommend integrating artificial intelligence capabilities into Sonatype Repository Firewall for real-time intelligence updates regarding security risks. I also suggest enhancing policy control for improved granular policy settings and better integration with DevOps pipelines, especially in container-based workflows. I find the documentation very good as I often refer to it for information. The user interface is also very good, but I have noticed some false positives where safe components get blocked, causing unnecessary delays for developers.
There are several features lacking in the current offering, particularly concerning container support and AI packages, like humming phase support. However, I have heard that it is on the roadmap for 2025.
I suggest that Sonatype should add support for more computer languages. The product works well with languages such as Java and C#, but in my opinion, adding support for more languages would be really good. In addition, I believe that they should add some more functionality to improve the quality of the code.
Sonatype Repository Firewall ensures secure software supply chains by inspecting open-source components for vulnerabilities and other threats at the point of ingress.
Designed for real-time protection, Sonatype Repository Firewall not only identifies but also controls potentially malicious, vulnerable, or non-compliant components before they reach development teams and CI/CD pipelines. It offers automation for quarantine, blocking workflows, and integrates with repository managers like...
The tool needs to improve its file systems. The product should also include a zero test feature.