FlexNet Code Insight is an “on-premises” solution that empowers organizations to take control of and manage use of open source software (OSS) and third-party components. It helps development, legal and security teams use automation to create a formal OSS strategy and policy that balances business benefits and risk management.
Designed for Enterprise Environments
FlexNet Code Insight, designed for installation and use on-premises, has a full set of enterprise-ready features to allow operation within a modern and secure IT environment, allowing you to keep your valuable source code on-premises.
- User management can be done directly within FlexNet Code Insight or via interconnection with existing LDAP and Single Sign-On (SSO) systems.
- Application security is maintained through continuous testing against known attack vectors.
- Can be used without connection to the external internet for secure environments.
- Update service adds components, versions, licenses, rules and vulnerabilities weekly to ensure the system is provisioned with the latest information.
Discover and Track All Open Source Software
FlexNet Code Insight scans your applications to identify Open Source components in Source code, Software packages, Binaries, Code Snippets, Build dependencies, Docker containers and Multimedia files. The product also detects Copyright, Email/URLs and Custom Search terms to find evidence of OSS in your applications.
You can adjust the depth and breadth of scan and analysis based on your project. A quick scan helps you prioritize issues based on a high-level overview. Trigger deep scans where necessary to create a detailed and complete analysis.
Proactive and Continuous Monitoring of Open Source Security Vulnerabilities
Identify known vulnerabilities associated with the open source in your applications and get alerts when new vulnerabilities affecting you are reported. Analyze security risks within projects with easy-to-understand dashboards and reports.
FlexNet Code Insight includes a robust framework supporting multiple data sources for vulnerability data, including NVD and advisories from Secunia Research at Flexera.
Comply with Open Source Licenses and Manage Obligations
Identify open source licenses and drill down into license details and risk. FlexNet Code Insight automates the creation of an accurate Bill of Materials (BOM) to ship with your products.
This enables you to comply with license obligations that come with open source software and protect your IP.
Automate the review of commonly used components based on your company license policy. Developers can select components they intend to use, and submit for review. Developers also have access to usage guidance after a component is approved for use, or remediation notes if the component is rejected.
Seamlessly Integrated Into Your Build Environment
Integrate open source scanning into your DevOps environment using the FlexNet Code Insight’s plugins for Jenkins and Docker. This allows you to scan your code and identify dependencies from the build environment.
Integrate any external audit data into FlexNet Code Insight and develop your own plugins using the Scan Agent Framework.
Create custom dashboards and reports with automated findings, audit and vulnerability information using REST APIs.
Dashboards and Reporting for Common Queries
Create Third Party Notices and generate reports to stay on top of your open source code. Quickly answer questions like these and many more:
- Are we exposed to a specific vulnerability?
- Are we exposed to high priority license issues and/or high severity vulnerabilities?
- Where are our outdated components?
- Where should we focus our limited analysis resources?
Where are the issues that need attention now?
Flexible Scan and Analysis Profile Types
- Package discovery: Scan low risk applications for evidence of all commonly used software package managers for a quick health check of your products
- Standard scan: Package analysis and build dependencies plus evidence of copyright, search terms, emails
- Comprehensive scan: Detailed code analysis to match to third-party components from multiple sources to easily identify copy-paste code
About Flexera Software
Flexera Software helps application producers and enterprises manage application usage and increase the value they derive from their software through next-generation software licensing, compliance, security and installation solutions. More details…
Find out more…
To find out more about managing your use of open source software using FlexNet Code Insight please complete the form below.