Insights (SCA)

Manage Your Open Source Risk.

Kiuwan Insights Open Source helps you to reduce risk from third-party components, remediate vulnerabilities and ensure license compliance. Automate policies throughout the SDLC.

SIMPLE OPEN SOURCE CODE VALIDATION

Manage Open Source Components

Open source components are a significant part of commercial software today. The use of these components introduces the risk of security vulnerabilities, obsolescence, and licensing and policy issues.

Automate Code Management

Automation is essential to managing open source components and security vulnerabilities. With the Kiuwan SCA tool, development teams can feel confident in their use of open source code.

Seamless Integration

Use Kiuwan directly with your current Software Development Lifecycle. Kiuwan Insights supports the continuity and integrity of open source management with a complete multi-technology solution.

YOU KNOW CODE, WE KNOW CODE SECURITY

Key SCA Product Features

Identify Components

Generate a complete and accurate inventory of all open source and third-party components used during builds or in applications.

Detect Threats

Investigate the security risks involved with your open source components so that you can address each of them.

Avoid Obsolescence

Manage your libraries: check for updates, track versions, and identify security issues. Get automatic obsolescence alerts.

Increase Efficiency

Need to know if you’re impacted by a new security vulnerability alert or to check for license issues? Kiuwan Insights eliminates the time-consuming and error-prone process of manually compiling an inventory.

Identify Security Risks

Uncover the security risks involved with your open source components so that you can address each of them as they apply to your application.

Isolate Dependencies

Open source deployments often include a lot of unused features that cause dependency issues. Kiuwan code quality analysis helps identify any unused code and remove it, further reducing the risk of running into dependency problems.

SCA Language Support

Languages | Repositories | Build systems
Go | GitHub | go.mod, Gopkg.lock
Java | Maven, Gradle | Ant (*.xml files); Maven (pom.xml files); Gradle (*.gradle files); *.jar, *.war, *.ear files
Javascript | Npm, Bower | Npm (package.json files); Bower (bower.json files); Yarn (package.json files)
Kotlin | Maven, Gradle, Ant | Ant (*.xml files); Maven (pom.xml files); Gradle (*.gradle files)
.Net | Nuget | Nuget (*.csproj, project.json, global.json, *.vbproj files)
Python | PyPI, GitHub | PyPI (setup.py files); Requirements (txt file with declared dependencies)
Scala | Maven | SBT (build.sbt)
Swift | Cocoapods, GitHub | Podspec (*.podspec, Podfile.lock files)
Php | Packagist | Composer (composer.json, composer.lock files)
Ruby | RubyGems | Gemfile, Gemfile.lock and *.gemspec files

Plans Built For Your Team’s Needs