An on-premise Software Composition Analysis solution using automated scans to help organizations understand their license compliance and security vulnerability exposure to open source packages. FlexNet Code Insight easily provides users with a Software Bill of Materials from across the software supply chain and offers continuous monitoring of assets, proactive vulnerability alerts, and recommended remediation actions. The solution helps development teams deliver secure products to customers while protecting IP and avoiding reputation damaging litigation.
About FlexNet Code Aware
FlexNet Code Aware is a free code scanner that scans Java, NuGet and NPM packages looking for license compliance, IP, and security vulnerability risks. An automated, high-level package analysis, Code Aware helps development teams deliver secure products to customers while protecting IP and avoiding reputation damaging litigation. After running the first scan, uncover leading operational risk indicators, prioritized by severity to better understand your level of operational risk.
Features
API
Data Export
Data Import
External Integrations
History/Version Control
Multi-User
Notifications
Project Management
Task Scheduling/Tracking
Bug Tracking
Developer Tools
Access Management
Release Management
Test Management
Features
API
Data Export
Data Import
External Integrations
History/Version Control
Multi-User
Notifications
Project Management
Task Scheduling/Tracking
Bug Tracking
Developer Tools
Access Management
Release Management
Test Management
Summary
Inventory items are created manually by an analyst, automatically by the code scanner, imported from external data, or copied from another project.
Inventory items are optionally reviewed for completeness based on your inventory confidence. This is accomplished through the Analysis Workbench and Project Inventory Page in FlexNet Code Insight.
Inventory items are reviewed automatically through established policies or manually using review tasks.
Inventory items are remediated to address open tasks related to compliance and technical debt. Remediation is tracked through remediation tasks.
Inventory items are considered complete when they have been reviewed and there are no open alerts or tasks.
Summary
Automated solution
Downloadable, quick scan
Provides a detailed report of discovery
Free scan for Java, NuGet and NPM packages
License Management Software
Source Code Management Software
FAQs
Who are the main user groups of this service?
VP/Dir/Mgrs of Software Engineering/Software Development, Security professionals including CISO and VPs, General Counsel and IP attorneys.
What platforms does this service support?
On-Premise
Does this service offer an API?
Yes
Does this service offer guides, tutorials and or customer support?
Yes
What are some applications this service is commonly used in tandem with?
Various Build, CI/CD, SCM, and IDE integrations including but not limited to: Eclipse, Visual Studio, Maven, MSBuild, Jenkins, Azure, GitLab, TFS, Perforce, Docker, JFrog, Bamboo, Gradle, git, BitBucket, TeamCity, and others.
Does this service integrate with any other apps?
Yes
What is this service generally used for?
Software engineering, security and compliance teams at software supplier companies needing to manage open source through continuous, automated analysis. Companies preferring an on-premise solution that focuses on security and compliance.
Does this service offer multi-user capability (e.g. teams)?
Yes
FAQs
Who are the main user groups of this service?
Companies: Software suppliers developing and shipping software to customers.
Personas: VP/Dir/Mgrs of Software Engineering/Software Development, Security professionals including CISO and VPs, General Counsel and IP attorneys.
What is this service generally used for?
Software engineering, security and compliance teams at software supplier companies needing to manage open source through continuous, automated analysis. Companies preferring an on-premise solution that focuses on security and compliance.