What Can SOOS Scan?
SOOS supports many different types of scanning based on your tech stack and requirements. Each scan type can be integrated in multiple ways; most support numerous CI systems, file upload, or direct GitHub integration. Results from every scan type that SOOS supports flow into the Dashboards and can be viewed alongside your other scan results.
SCA helps ensure that the open source components that developers embed in their applications do not introduce risk.
Container scanning helps ensure that containers deployed (or built upon) by an organization do not introduce risk.
SBOM scanning ensures that first- or third-party SBOMs do not introduce risk.
- Proprietary and Patented Analysis
- Full Dependency Tree Creation
- Vulnerability Analysis
- License Analysis
- Governance Policies
- Issue Creation
- Report Generation
- Compliance
DAST scanning helps identify problems and vulnerabilities found in web applications by running scans against deployed web applications on demand.
- Built on top of ZAP
- No Limit Endpoint Scanning
- Multiple Authentication Flows
- API Scanning
- Centralized Reporting
- Issue Creation
- Governance Policies
SAST helps ensure that security issues or bad practices in source code are caught early in the development process.
- Bring your own SAST/Secrets Tool
- Centralized Reporting
- Issue Creation
- Governance Policies