Insights (SCA)

Manage Your
Open Source Risk.

Insights Open Source helps you to reduce risk from third-party components, remediate vulnerabilities and ensure license compliance. Automate policies throughout the SDLC.

Choose the plan that fits your needs

Kiuwan Insights supports the continuity and integrity of open source management with a complete multi-technology solution that seamlessly integrates with key SDLC tools.

With Kiuwan Insights, you can identify and manage:

  • vulnerabilities,
  • compliance, and
  • operational risk

that may arise from using open source components.
Open source components are a significant and important part of commercial software today. Yet the use of these components introduces the risk of security vulnerabilities, as well as a need to ensure proper licensing and adherence to policies.

Automation is an essential strategy for detection of open source components and security vulnerabilities, compliance analysis, and policy enforcement.

scan your code for free

Key Features


Identify Components

Generate a complete and accurate inventory of all open source and third-party components used during builds or in applications.

detect threats

Detect Threats

Investigate the security risks involved with your open source components so that you can address each of them.
Avoid Obsolescence

Avoid Obsolescence

Manage your libraries: check for updates, track versions, and identify security issues. Get automatic obsolescence alerts.

Increase Efficiency

Need to know if you’re impacted by a new security vulnerability alert or to check for license issues? Kiuwan Insights eliminates the time consuming and error-prone process of manually compiling an inventory.

Identify Security Risks

Uncover the security risks involved with your open source components so that you can address each of them as they apply to your application.

Isolate Dependencies

Open source deployments often include a lot of unused features that cause dependency issues. Kiuwan code quality analysis helps identify any unused code and remove it, further reducing the risk of running into dependency problems.

scan your code for free

Kiuwan Insights continuously scans the NIST National Vulnerability Database for new vulnerabilities, in addition to using our own knowledge base and research by security experts.

Languages Repositories Build systems
Go GitHub go.mod Gopkg.lock
Java Maven
nt (*.xml files)
Maven (pom.xml files)
Gradle (*.gradle files)
*.jar, *.war, *.ear files
Javascript Npm
Npm (package.json files)
Bower (bower.json files)
Yarn (package.json files)
Kotlin Mave
nt (*.xml files)
Maven (pom.xml files)
Gradle (*.gradle files)
.Net Nuget Nuget (*.csproj, project.json, global.json, *.vbproj files)
Python PyPIMbr
PyPI ( files)
Requirements (txt file with declared dependencies)
Scala Maven SBT (build.sbt)
Swift Cocoapods
Podspec (*.podspec, Podfile.lock files) Package (Package.swift files)
Php Packagist
Composer (composer.json, composer.lock files)
Ruby RubyGems
Gemfile, Gemfile.lock and *.gemspec files

Experience Kiuwan

Get your free demo today!