Resolve integrates with Sonatype to import application vulnerability data.
Resolve periodically queries Sonatype for new application files. If a new file is detected, Resolve creates a project within the specified business unit and imports findings to the project.
Configure connection, authentication, and other settings for a Sonatype integration.
- From the top menu, select .
- Click the Sonatype card.
- At the top right, click Install.
- Enter the following information:
- Name of the Sonatype instance
- Server address
- User name
- Password
- Frequency
Note: The frequency must be a cron expression. For example, enter 0 * * * * to run integration actions hourly.
- Click Next or expand the Action Configuration area.
- Enable Sonatype.
- At the top right of the page, click Save.
