SourceClear’s Free Tool “Open” Finds Vulnerabilities In Your Open Source Code


Short Bytes: SourceClear’s Open is a new tool for finding potential threats in open source code. It works with different platforms and frameworks such as Django, Git, Bundler etc. The scan report is presented as analytics, which a developer can also use to troubleshoot bugs in the code.

In the wake of recent cyber attacks that exploited open source code, SourceClear has launched a new tool. Called ‘Open’, it can scan open source software for potential threats.

The public data on potential threats in open source code is just the tip of the iceberg. Because not enough information about these threats is available, many vulnerabilities stay hidden. That is the gap SourceClear is trying to address with this new tool.

Before building this security tool, they first had to compile as extensive a list of vulnerability data as possible. To do so, they used public databases as well as data from millions of libraries.

This open source security tool works with many languages and frameworks such as Java, Spring, JavaServer Faces, Node.js, JavaScript, the Django framework, the Ruby on Rails framework etc.

Besides being compatible with these languages and frameworks, it is also compatible with many development tools such as Git, Jira, Bitbucket, Jenkins, Maven, Bower, Gradle, NPM, RubyGems, Bundler, CLI, GitHub, GitLab etc.

It also offers a CLI (Command Line Interface) for quick scans, and scans can be automated using plugins for Maven, Gradle, Jenkins etc.

Once the scan for potential threats is done, you can analyze the result. The analysis report can be viewed against repos, branches, tags or any combination of them. It also covers the libraries in use, their dependencies, their sources, authors, licenses etc.

Using the analytical report, a developer can fix those issues, as the report also shows concise, actionable guidelines regarding integration, technical faults, wrong methods etc.

Amar Shekhar

A passionate adventure traveller over Trekkerpedia.com and Author of the book 'The Girl from the Woods'.