Follow these instructions to get SCA scanning set up in no time:
Running your first scan is quick and easy
- Create your first project by running a Manifest Scan to see issues without needing to integrate
- Use the simple script in your Terminal to easily run a scan of your local files.
Get Integrated
- Use GitHub, CI/CD, Script, and External Data Connection integrations to power up SOOS. We integrate with some of the most popular build systems to make it easy to start scanning your packages
- Get SOOS hooked into your ticket management system so you can quickly and easily move suggested fixes into your standard development workflow
Build Governance Policies
- Create organizational policies around package and license use to ensure unwanted code is not accidentally brought into your projects. You can configure policies around:
  - License Name
  - Package Name
  - License Attributes
  - Package Installs
  - Missing License
Configure SOOS
- Configure the SOOS application to handle your packages, dependencies, scans, and actions
- Settings can be set globally, or at the individual project level
- Update your settings at any time
Research and Fix your Issues
- Review your issues and take action on any vulnerabilities or policy violations as they arise
- Helpful Tip: Add more users to really get the benefits of SOOS
Generate SBOMs and other scan reports to comply with regulations, or for your own records.
Amp up your overall security by adding DAST Scanning