About cookies

This site uses cookies. Learn more about the purpose of their use and ability to change settings for cookies in your browser.

Flexnet Code Insight

banner


Empower your organization to manage open source software (OSS) and third-party components. FlexNet Code Insight helps development, legal and security teams to reduce open source security risk and manage license compliance with an end-to-end system.


FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk, while you build your products and during their lifecycle. Manage open source license compliance. And add automation to your processes and implement a formal OSS strategy and policy that balances business benefits and risk management.


Identify Open Source Security Vulnerabilities and Manage Risk

Identify known vulnerabilities associated with t he open source in your applicat ions and get alerts when new vulnerabilities affecting you are reported. Analyze security risks within projects with easy-to-understand dashboards and reports.FlexNet Code Insight includes a robust framework supporting multiple data sources for vulnerability data, including NVD and advisories from Secunia Research at Flexera.


Comply with Open Source Licenses and Manage Obligations

Identify open source licenses and drill down into license details and risk. FlexNet Code Insight automates the creation of an accurate Bill of Materials (BOM) to ship with your products. This enables you to comply with license obligations that come with open source software and protect your IP.


Policies

Automate the review of commonly used components based on your company license policy. Developers can select components they intend to use, and submit for review. Developers also have access to usage guidance after a component is approved for use, or remediation notes if the component is rejected.


Seamlessly Integrated Into Your Development Lifecycle

Integrate open source scanning into your DevOps environment using FlexNet Code Insight’s plugins for Jenkins, Docker, Gradle, Apache Ant, Apache Maven, Bamboo and GIT. This allows you to scan your code and identify dependencies from the build environment. Integrate any external audit data into FlexNet Code Insight and develop your own plugins using the Scan Agent Framework. Create custom dashboards and reports with automated findings, audit and vulnerability information using REST APIs.


Dashboards and Reporting for Common Queries

Create Third Party Notices and generate reports to stay on top of your open source code. Quickly answer questions like these and many more:

  • Are we exposed to a specific vulnerability?
  • Are we exposed to high priority license issues and/or high severity vulnerabilities?
  • Where are our outdated components?
  • Where should we focus our limited analysis resources? Where are the issues that need attention now?


Flexible Scan and Analysis Profile Types

  • Package discovery: Scan low risk applications for evidence of all commonly used software package managers for a quick healt h check of your products
  • Standard Scan: Package analysis and build dependencies plus evidence of copyright, search terms, emails
  • Comprehensive scan: Detailed code analysis to match to t hird-party components from mult iple sources to easily ident ify copy-paste code