Insights (SCA)
Manage Your Open Source Risk.
Kiuwan Insights Open Source helps you to reduce risk from third-party components, remediate vulnerabilities and ensure license compliance. Automate policies throughout the SDLC.
SIMPLE OPEN SOURCE CODE VALIDATION
Manage Open Source Components
Open source components are a significant part of commercial software today. The use of these components introduces the risk of security vulnerabilities, obsolescence, licensing and policy issues.
Automate Code Management
Automation is essential to managing open source components and security vulnerabilities. With the Kiuwan SCA tool, development teams can feel confident in their use of open source code.
Seamless Integration
Use Kiuwan directly with your current Software Development Lifecycle. Kiuwan Insights supports the continuity and integrity of open source management with a complete multi-technology solution.
YOU KNOW CODE, WE KNOW CODE SECURITY
Key SCA Product Features
Identify Components
Generate a complete and accurate inventory of all open source and third-party components used during builds or in applications.
Detect Threats
Avoid Obsolescence
Increase Efficiency
Need to know if you’re impacted by a new security vulnerability alert, or need to check for license issues? Kiuwan Insights eliminates the time-consuming and error-prone process of manually compiling an inventory.
Identify Security Risks
Uncover the security risks involved with your open source components so that you can address each of them as they apply to your application.
Isolate Dependencies
Open source deployments often include a lot of unused features that cause dependency issues. Kiuwan code quality analysis helps identify any unused code and remove it, further reducing the risk of running into dependency problems.
SCA Language Support
Languages | Repositories | Build systems |
---|---|---|
Go | GitHub | go.mod, Gopkg.lock |
Java | Maven, Gradle | Ant (*.xml files), Maven (pom.xml files), Gradle (*.gradle files), *.jar, *.war, *.ear files |
JavaScript | Npm, Bower | Npm (package.json files), Bower (bower.json files), Yarn (package.json files) |
Kotlin | Maven, Gradle, Ant | Ant (*.xml files), Maven (pom.xml files), Gradle (*.gradle files) |
.Net | Nuget | Nuget (*.csproj, project.json, global.json, *.vbproj files) |
Python | PyPI, GitHub | PyPI (setup.py files), Requirements (txt file with declared dependencies) |
Scala | Maven | SBT (build.sbt) |
Swift | Cocoapods, GitHub | Podspec (*.podspec, Podfile.lock files) |
PHP | Packagist | Composer (composer.json, composer.lock files) |
Ruby | RubyGems | Gemfile, Gemfile.lock and *.gemspec files |
Plans Built For Your Team’s Needs
SCANS
Starting at $1,199
- Best for a security audit
- 1 to 5 one-time scans
- Technical support
- Component inventory
- Obsolescence management
- License risk management
CONTINUOUS
On request
- Best for continuous security
- Unlimited scans
- Technical support
- Component inventory
- Obsolescence management
- License risk management