Secrets Detection on a Git repository involves scanning the codebase to identify sensitive information, such as API keys, passwords, or tokens, that may have been accidentally committed.
2. Licenses and SBOM
Identifies and validates software licenses in dependencies to ensure compliance with legal and organizational policies. The SBOM provides a detailed inventory of software components, including versions, dependencies, and vulnerabilities, enabling transparency and security in the software supply chain.
3. Dependency Vulnerability Scanner
A Dependency Vulnerability Scanner analyzes project dependencies to detect known security vulnerabilities, helping to identify and address potential security risks associated with third-party packages.
4. Languages and Framework
Analyzes programming languages and frameworks to identify known vulnerabilities and ensure secure configurations, helping developers maintain secure coding practices and reduce the risk of exploits.