Secure DevOps starts with secure Universal Package Management Build services, vulnerability scanning, and license compliance for secure DevOps automation
All your packages in a single endpoint
Aggregate external feeds into a single MyGet endpoint. Control what software your developers use. Packages from NuGet, OneGet, Chocolatey, TeamCity, npmjs, Maven Central, Bower, Packagist, PyPI, RubyGems.org or any other package source, proxied into one URL.
To shield you from changes to packages on external feeds, MyGet supports package mirroring. You can choose to mirror a package onto your own MyGet feed and make a deep copy of both the package contents, its metadata and dependencies. Upstream package sources such as NuGet.org, Npmjs.org, Maven Central or your build server can be proxied and filtered, so developers only need to configure one endpoint: your MyGet feed.
Continuous Integration: Build Services
Plan, Build and Release - Add packages to your feeds by connecting to Assembla, GitHub, Visual Studio Team Services (VSTS) or BitBucket code repository and deploy builds to compliant MyGet feeds.
MyGet build servers compile your code, discover and run any available tests, and create package artifacts. When error-free, MyGet publishes the build as a package to your feed. Using your own build server like Visual Studio Team Services, TeamCity or Jenkins? MyGet integrates with those, too.
Continuous Security: Vulnerability Scanning
Shift Security Left - Catch potential threats before they get released into the wild.
Quickly see an overview of potential vulnerabilities in all dependencies. Understand the percentage of packages with potential vulnerabilities versus the percentage of packages without known vulnerabilities. Ensure governance quickly and effectively.
Power your team with MyGet
Continuous Security:
License Governance
Over 90% of your software stack are packages. Managing dependencies is one thing, but knowing which licenses are being used is another. MyGet makes it easy to inspect and manage licenses used across your feeds. Want to ensure no GPL software is being used in your commercial apps? It’s a click away.
Package Dependency Management
Keep different versions of packages and inspect dependencies using dependency graph visualizations. Know which third-party and cross-team components are being used to ensure packages meet your standards. Automated retention rules help ensure the right packages are available to the right people.
Cloud Native & Enterprise Scale
Start collaborating in minutes on our on-demand cloud infrastructure or try out our dedicated Enterprise solution hosted in US or EU. With the MyGet Enterprise plan you get private, dedicated infrastructure for your MyGet, hosted and managed by us. Enterprise fits your Identity needs with robust support for systems such as Active Directory, ADFS, Okta and more.
Seamless Collaboration
Work as a team by sharing feeds and packages with a click of a button. Assign read-only, contribution or management permissions, and make sure only a specific group of people have certain rights. Nightly builds can be shared across teams, stable components can be shared with customers.
Secure by Design
Powerful authentication options are available for your private package feeds. Access is never allowed until the correct privileges are granted. MyGet allows granular feed privileges - read-only, contribution or management permissions, depending on the use case.
Simple to use package organization and control
Use feeds to organize your DevOps lifecycle into clear and effective team structures. Create dedicated feeds per product, team, feature or sprint. Feeds can be used as a staging area to push packages to another feed, whether on MyGet or NuGet.org, Npmjs.org or Maven Central.