Our technical guides give you an in-depth look at key IQ Server concepts and features.

Containers in IQ Server

This article goes over what containers are, how they’re scanned in IQ Server, and how you can evaluate policy against container images.

Policy-Centric Application Report

The IQ Server team has made updates the the Application Composition Report, making policy results, in both summaries and details, the core of the report.

IQ Server Grandfathering

This article explains the grandfathering feature in IQ Server. Grandfathering lets you see existing risk, prioritize what you want to fix, and then focus on any new risks while working your way through the grandfathered violations.

CI / CD Pipeline at Sonatype

This article walks you through the declarative Jenkins pipeline used at Sonatype, showing you where our products integrate in a modern CI/CD process.

Understanding Vulnerability Data

This article explains what Sonatype vulnerability data is and how it's produced. Sonatype Data Services are continuously updated, allowing the most recent data to be visible the instant a Nexus Lifecycle analysis occurs.

Using Webhooks: IQ & Slack Integration

This article shows you how to build a webhook and deploy it to a Serverless framework like AWS Lambda. The Serverless function will consume an IQ policy evaluation event and push a message about it to Slack.