What is Sonatype Vulnerability Scanner?
Sonatype Vulnerability Scanner (formerly DepShield) discovers vulnerabilities among the open source components and code in an application. It is available for free and is open source.
The tool provides a comprehensive Software Bill of Materials. The first step in protecting an app is knowing exactly which open source components are being used and where. The results outline any policy violations, security issues, and a license analysis for the application, to help the user understand the severity of any open source risk.
The solution can be downloaded and used as a JAR file, or it is available as the Sonatype Vulnerability Scanner online.
Technical Details
| Deployment Types | On-Premise, SaaS |
|---|---|
| Mobile Application | No |
FAQs
What is Sonatype Vulnerability Scanner?
Sonatype Vulnerability Scanner (formerly DepShield) discovers vulnerabilities among the open source components and code in an application. It is available for free and is open source.
How much does Sonatype Vulnerability Scanner cost?
Sonatype Vulnerability Scanner starts at $0.




