Getting Started with SOOS

7min
SOOS is the easy to use, easy to integrate, affordable, all in one application security platform; designed by engineers for security and engineering teams. SOOS supports multiple types of scanning, offers a free fully-featured trial, and fantastic support!
Software Composition Analysis (Core SCA)
SOOS Core SCA runs a proprietary, patented, analysis engine which performs deep dependency analysis, license analysis, vulnerability detection and cryptographic validation using our database of 92+ million packages.
Getting Started with SOOS SCA
﻿
Dynamic Application Security Testing (DAST)
SOOS DAST wraps the ZAP tool and ingests the results into our central dashboards so results can be viewed alongside all our other supported scan types. Manage issues using our issue management workflows, integrate with external issue management systems, add suppressions, and generate reports.
Getting Started with DAST
﻿
Software Bill of Materials (SBOM)
SBOM scanning ensures that first and third party SBOMs can be scanned to identify vulnerabilities and other issues within an organization's software inventory, including all components and dependencies used in building applications. This comprehensive analysis helps in maintaining transparency and security throughout the software supply chain.
SOOS SBOM scanning is built on the same proprietary, patented analysis engine as our SCA scanning, which runs deep dependency analysis, license analysis, and vulnerability detection using our database of 92+ million packages. SOOS SBOM will continually monitor your SBOMs for new threats, and will automatically link together dependent SBOMs.
Getting Started with SOOS SBOM Manager
﻿
Containers
Container scanning ensures that issues are caught with an organizations deployed applications, as well as with the runtime packages and applications required to run these applications.
SOOS Container scanning is built on the same proprietary, patented analysis engine as our SCA scanning, which runs deep dependency analysis, license analysis, and vulnerability detection using our database of 92+ million packages.
Getting Started with Container Scanning
﻿
Static Application Security Testing (SAST) - Connector
SOOS supports a SAST connector approach, where you provide the SAST tool you want to use and SOOS will ingest the results to display in our central dashboards so results can be viewed alongside all our other supported scan types. Manage issues using our issue management workflows, integrate with external issue management systems, add suppressions, and generate reports.
Getting Started with SAST
﻿
Secrets Detection - Connector
SOOS supports a Secret connector approach, where you provide the Secret detection tool you want to use and SOOS will ingest the results to display in our central dashboards so results can be viewed alongside all our other supported scan types. Manage issues using our issue management workflows, integrate with external issue management systems, add suppressions, and generate reports.
Getting Started with Secrets
﻿
﻿