Case Study: Creditreform eliminates manual open-source evaluation and scales automated licensing and security with Sonatype Nexus Lifecycle

Safe, Secure International Credit Risk Management with Nexus Lifecycle and IQ Server

Creditreform is an international credit reporting and debt collection group headquartered in Germany with 4,500 employees across 23 countries. Its development teams struggled to track and monitor open source components—lacking transparency around licensing, governance and dependencies—and relied on slow, manual security and license evaluations that became a bottleneck as applications multiplied.

After evaluating Sonatype Nexus Lifecycle (vs. Black Duck) Creditreform implemented Nexus Lifecycle integrated with its existing toolset, using out‑of‑the‑box policies refined by teams during a proof‑of‑concept. The result: automated licensing and governance checks that removed manual evaluation work, scaled with a growing application portfolio, were easy to deploy, and let developers focus on building secure software while improving open source risk management.

Creditreform

Antje Nowack

Head of Research and Basic Concerns