Getting Started with SOOS SCA

sca helps ensure that the open source components that developers embed in their applications meet basic security standards and do not introduce risk to the organization soos core sca runs a proprietary, patented analysis engine which runs deep dependency analysis, license analysis, vulnerability detection and cryptographic validation using our database of 84+ million packages getting started running an sca scan is quick and easy, once you have an account there are a number of ways to run your first scan, from there you can add additional configurations and integrations create a trial first you'll need a trial account, follow initial account creation docid\ pkpcajqtnqjrxbll1hugc to get set up run your first scan the quickest way to run a scan is to run a quickscan docid\ btqhfzqnd61qathhnhhb7 script or ci/cd integration use the sca tab of the integrations docid\ becfu au8wgt224lmm62g page to configure and run an sca scan using a script or ci/cd system how do sca scans appear in the soos app? sca scans will appear on your developer dashboad docid\ fhvqnychnq4kw2bmmnnin as projects project names can be specified using the script or ci/cd integration or may be taken from the manifest file if available if the project name corresponds to an existing project, the scan indicator will be used to show all scan types for the project see projects docid\ dxqzagmx rouuqu8lbent for more details on determining and switching scan types for a project technical readme want the technical details? check out or github readme it has all the details you'll need you can also browse the full source of our sca integration script under this same github repo, if you're curious! configuration the soos configuration system docid 5osexx1iyyvd unye3u7f provides a highly flexible and overridable configuration system integrations soos supports numerous integrations docid\ becfu au8wgt224lmm62g , including issue management integrations docid\ xfobdotvahwh1l6epafnq