Getting Started: SOOS SCA

What is Software Composition Analysis?

a.k.a SCA

Tips for Getting Started with SOOS

Started your free trial and looking to get the most out of your SOOS application?

Creating Your SOOS Account

Get started with SOOS by creating your account.

Logging in to your SOOS User Account: Email or Social Sign-on

How to access your company's SOOS account.

Subscriptions & Billing

Activate your subscription

Adding Users

Getting the whole team involved.

Understanding User Roles

Managing user permissions.

QuickScan: Scan GitHub Repos On Demand

Use SOOS to quickly view the details of a project.

Manifest Scanning: Vulnerability Scans Without Needing to Integrate

Upload manifest files for instant scanning

Developer Dashboard Metrics

A quick look at how hard SOOS is working for you.

Project Details

Access details for your SOOS projects

Project Details: Issues tab

Learn about the issues detected in your projects

Project Details: Dependencies tab

Learn about the packages in your projects

Project Details: Licenses tab

Learn about the package licenses used in your projects

Project Details: History tab

See the scan history of your project

Project Detail Metrics

Summary information provided by SOOS at the project level.

Viewing Your Issues

View issues being identified in your SOOS projects

Researching your issues

Learn more about the issues in found in your projects

Research Vulnerabilities

Search for open source CVEs of interest

Vulnerability Detail Page

Learn more about the Vulnerabilities in your projects

Research Packages

Search for open source packages of interest

Package Detail Page

Learn more about the packages you're using

Research Licenses

Search for open source licenses of interest

License Detail Page

Learn more about the licenses in your projects

SOOS Badges

Highlight information about your projects

What is a Software Bill of Materials (SBOM) report?

What you need to know about this important cyber security document.

What is a Vulnerability-Exploitability eXchange (VEX) Report?

Document how vulnerabilities do, or do not, impact your code.

Creating Governance Policies

Create policies to manage your open source risk

Configurations: Global and Project-Level Settings

Configure your SOOS account settings

Notification Email Settings

Stay on top of your scans.

Viewing User Account Information

Activity Log

View a record of your alerts

Submitting Feature Requests for SOOS

Send us your ideas!

Contact Us

Need to get in touch with the SOOS team?

GitHub Pull Requests

Create a fix branch directly in your GitHub project

GitHub Scan Status Checks

Check on your scan status without leaving GitHub

Fixing your issues

Send issue correction details to Jira, Azure DevOps, Shortcut, or GitHub

Create Central Azure DevOps Task Keys

Store one copy of your task keys rather than once per pipeline

Managing Projects and Branches

Edit and delete projects & branches in one place

Legal Dashboard

All the licenses in all your projects in one place

Security Dashboard

A glance at your security exposure

Single Sign On

Organization Management

Actions Audit

A timeline of account actions

Compliance Dashboard

Track your SLA adherence