Case Study: BNP Paribas Personal Finance achieves open-source visibility and a shift-left DevSecOps culture with Sonatype Nexus Platform

A Sonatype Case Study

Preview of the BNP Paribas Case Study

Open Source Revolution at BNP Paribas Personal Finance: Defining DevSecOps and Shifting Left with the Nexus Platform

BNP Paribas Personal Finance, part of the global BNP Paribas Group, realized its software relied heavily on open source but had almost no visibility or automation around library use. With libraries scattered in Git, manual procedures, and development silos across ~250 developers, the company lacked insight into dependencies, vulnerabilities, and licensing risk.

By implementing Sonatype’s Nexus Repository and Nexus IQ, BNP Paribas Personal Finance gained transparency into open source usage, automated dependency management, and actionable vulnerability and license reporting. The platform’s reports are being integrated into security reviews and asset dashboards, driving a cultural shift toward security champions, training, and stronger governance across the development lifecycle.



BNP Paribas

Bruno Darras

Head of DevOps

