Case Study: Tyro Payments achieves stronger security and faster delivery with Sonatype Nexus Repository & Nexus Lifecycle

Building Next Generation Banking with Nexus

Tyro Payments, an Australian EFTPOS provider that expanded into full-scale banking, grew to 140+ developers across 18 engineering teams and needed a way to manage component usage, monitor application aging, and eliminate licensing and security risks without slowing Agile development. Their challenge was to create an accurate component inventory, identify vulnerable or risky components, and inform developers in real time—without introducing manual approval gates or excessive false positives that would frustrate teams.

Tyro implemented Nexus Repository and Nexus Lifecycle integrated with Jenkins, GoCD, JIRA, Confluence and Puppet to automate scans, enforce policies, and fail builds when vulnerable components are introduced. Daily and nightly scans, dashboard displays and email alerts gave immediate visibility, enabling teams to prioritize and remediate high‑risk issues, move toward continuous delivery, and safely empower developers to choose dependencies that meet automated security and licensing policies.

Tyro Payments

Edwin Kwan

Application and Software Security Team Lead