SOFTWARE COMPOSITION ANALYSIS
Revenera Code Scanning Platform
Comprehensive Open Source Analysis Solution
Code Insight is an end-to-end solution for discovering and managing open source and third-party code in software development projects. Our unique discovery technology and process methodology allows for fast and accurate code analysis intelligence between the application and your engineering, legal, and security teams.
CODE INSIGHT PROCESS FLOW
SCAN TYPES
FlexNet Code Insight supports two types of scans:
- Package-Level Automated Scan
- A scan agent plugin is deployed on a remote server and initiates a quick scan to identify established or “big rock” packages
- Uses automated detection techniques and detection rules to produce fast, efficient results
- Server Scan
- Configured to varying degrees of scan depth to meet your desired level of forensic results
- Uses open source license detection, email address, URL, string search terms, source code fingerprint matches (external source code indicator), and exact file match detection techniques
INVENTORY LIFECYCLE
Code Insight supports a standardized, repeatable process to enhance your inventory management – ensuring you get clean and stay clean.
Create
Inventory items are created manually by an analyst, automatically by the code scanner, imported from external data, or copied from another project.
Triage
Inventory items are optionally reviewed for completeness based on your inventory confidence. This is accomplished through the Analysis Workbench and Project Inventory Page in Code Insight.
Review
Inventory items are reviewed automatically through established policies or manually using review tasks.
Remediation
Inventory items are remediated to address open tasks related to compliance and technical debt. Remediation is tracked through remediation task
DONE
Inventory items are considered complete when they have been reviewed and there are no open alerts or tasks.
Resources
White Paper
Risky OSS: How Regulated Industries Can Secure the Software Supply Chain
This whitepaper reviews the state of OSS, four management use cases, and best practices and solutions to help security and legal teams in highly regulated industries. Access now to learn how you can confidently mitigate rising supply chain risk.
Data Sheet
OSS Inspector Plugin
Ensure your code is secure and compliant by effortlessly managing open source dependencies directly in your IDE.
Webinar
The Beginner’s Guide to Managing Open Source Software
Join this beginner’s guide to OSS, SCA, OSPOs, and SBOMs to get started on your open source journey. In this productive webinar session by Revenera’s open source expert, Alex Rybak.
Webinar
Setting up your OSS Management process
Join our expert team as they walk you through how to setup a comprehensive OSS Management program to address both software supply chain security and legal compliance, in this live webinar.
Webinar
Mitigating Risks in Open Source and Software Supply Chains: A Global Outlook
Learn about the latest regulation changes in the US and EU. Particularly what’s changing in the world of Open Source and how to navigate their legal rights and responsibilities in this Revenera webinar.
Webinar
2024 Software Security and Compliance Predictions
It’s time to discuss the hottest trends for 2024 in software composition analysis and software supply chain security. Register and attend this must-watch webinar and get a jumpstart on what to prepare for in the year ahead.
Want to learn more?
See how Revenera's end-to-end solution delivers a complete, accurate SBOM while managing license compliance and security.