Follow these instructions to get set up with SCA scanning in no time:

Running your first scan is quick and easy

  • Create your first project by running a Manifest Scan to see issues without needing to integrate.
  • Use the simple script in your Terminal to easily run a scan of your local files.

Get Integrated

Build Governance Policies

  • Create organizational policies around package and license use to ensure unwanted code is not accidentally brought into your projects. You can configure policies around:
    • License Name
    • Package Name
    • License Attributes
    • GitHub Attributes
    • Package Installs
    • Release Frequency
    • Dependency Depth

Configure SOOS

  • Configure the SOOS application to handle your packages, dependencies, scans, and actions
    • Settings can be set globally, or at the individual project level
    • Update your settings at any time

Research and Fix your Issues

Generate SBOMs and other scan reports to comply with regulations, or for your own records.

Amp up your overall security by adding DAST Scanning