Nexus Firewall

http://www.javamonamour.org/2017/09/software-vulnerability-control-with.html

As usual, Sonatype scatters his product documentation across the 5 Oceans, in the most disparate formats (blogs, videos, poorly formatted wiki pages etc)


https://my.sonatype.com/firewall/


Good video here https://blog.sonatype.com/nexus-firewall-for-oss-users

https://help.sonatype.com/iqserver/nexus-firewall-quick-start quick start

The Firewall product is really simple: given a GAV, it checks a DB (NIST Vulnerabilities) for all its vulnerabilities, and applies a bunch of rules to determine if the component is risky. If it's risky, it quarantines it, but provides a function to "unlock it" to the end user (Maven).