Comprehensive Code Scanning Platform
FlexNet Code Insight is an end-to-end solution for discovering and managing open source and third-party code in software development projects. Our unique discovery technology and process methodology allows for fast and accurate code analysis intelligence between the application and your engineering, legal, and security teams.
Code Insight Process Flow
FlexNet Code Insight supports two types of scans:
- Package-Level Automated Scan
- A scan agent plugin is deployed on a remote server and initiates a quick scan to identify established or “big rock” packages
- Uses automated detection techniques and detection rules to produce fast, efficient results
- Server Scan
- Configured to varying degrees of scan depth to meet your desired level of forensic results
- Uses open source license detection, email address, URL, string search terms, source code fingerprint matches (external source code indicator), and exact file match detection techniques
FlexNet Code Insight supports a standardized, repeatable process to enhance your inventory management – ensuring you get clean and stay clean.
Inventory items are created manually by an analyst, automatically by the code scanner, imported from external data, or copied from another project.
Inventory items are optionally reviewed for completeness based on your inventory confidence. This is accomplished through the Analysis Workbench and Project Inventory Page in FlexNet Code Insight.
Inventory items are reviewed automatically through established policies or manually using review tasks.
Inventory items are remediated to address open tasks related to compliance and technical debt. Remediation is tracked through remediation tasks.
Inventory items are considered complete when they have been reviewed and there are no open alerts or tasks.
FlexNet Code Insight
An end-to-end integrated scanning tool for development, legal and security teams to set and manage policy for use of open source and third-party software.
The Maturity of Open Source Software
Open source software license compliance and vulnerability management trends are taking us down the path of enhanced clarity and tighter controls. The place to start in the software supply chain is with the open source Bill of Materials (BOM).
Going Deep: The Inventory Management Lifecycle
Having the right process in place to inventory and view lists of all your open source components while also prioritizing license compliance and vulnerability issues sets your team up for ongoing success. Learn more about the Inventory Management Lifecycle.