Know your dependencies
Scan your code with Kiuwan Insights to easily generate a complete inventory of the open source and third-party components of your application.
Identify your licensing risk
Proprietary, permissive, or copyleft? Understand your risk level from open-source and third-party licenses with easy-to-understand reports.
Enforce your policies
Automate discovery of open source components. Identify components with known vulnerabilities, obsolete versions, and licensing issues.
Get the benefits of open source without the risks
Open source is a tremendous benefit to the developer community. Publicly available code helps developers be more efficient and learn better coding techniques. In a survey by the Linux Foundation, 63% of large companies reported active open-source projects. Only 15% of survey respondents said they “never use” open-source code in their commercial projects. The shift to cloud-native technologies is driving rapid growth in the open-source codebase.
But open-source components create risk. Publicly available code can have known vulnerabilities that expose your application to attack. When new versions are released, you must update to avoid obsolete code in your application. And while a small amount of “public domain” code is shared without a license, most open source is covered by one of the 9 popular types of licenses. In fact, the Open Source Initiative has approved 80 different types of licenses. Do you know which ones affect your application?
How do you ensure license compliance?
The cost of non-compliance can be high. If you redistribute open source code or third-party code in violation of the license, you could be hit with legal action and hefty monetary damages. But manually tracking open source component use is labor-intensive and error-prone.
Kiuwan Insights is a Software Composition Analysis (SCA) tool that examines your code, generates an inventory of your open-source and third-party components, and helps you manage your libraries automatically.
For each license used by components of your application, you’ll see valuable information, including:
- The name of the license
- Which components are using it
- A link to the registered license text
- The license type
- Your risk level
Understand your risk level at a glance
Kiuwan Insights’ default license policy treats Copyleft, Copyrighted, and Proprietary licenses as high risk, and Public Domain, Permissive, and Weak Copyleft licenses as no risk. You can customize the policy to meet your particular needs. Learn about the difference between copyleft and permissive licenses on our blog.
Do more with Kiuwan Insights
Generate a complete component inventory. Identify unused code and remove it, reducing the risk of dependency issues.
Protect against security threats from open source components. Kiuwan continuously scans the NIST database to identify known vulnerabilities.
Avoid obsolescence. Manage your libraries, check for updates, track versions, and get automatic obsolescence alerts.
Combine Kiuwan Code Security with Kiuwan Insights for 360° coverage of your application’s source code.
‘During the evolution of our software framework to CI, we detected inconsistencies in the use of third-party libraries thanks to Insights.’
Jaime G, Technical Manager in IT Directorate
Enjoy a comprehensive Kiuwan trial today!