SAST, SCA and SBOM
Security violations across third-party APIs, SDKs, open source libraries, and software bills of materials (SBOMs) from vendors and partners.
Discover Your Software Supply Chain.
Begin by marking your most important mobile and web apps (first party) and your third-party vendors and suppliers. Upload your SBOM files for ingestion.
The Analyzer Engine will conduct full-stack analysis across first- and third-party APIs, cloud services, SDKs, and open source libraries.
Take action by identifying third-party supply chain attack surfaces within your applications, opening policy violations, and listing your SBOM inventories.
Mark Your Apps + Vendors
Analyzer Engine
Full-Stack Analysis:
· APIs & SDKs
· Cloud Services
· Mobile & Web
· OSS Libraries
· SBOM Files
Take Action
Traditional 3rd party exposure (global pandemic)
Software 3rd party exposure (Vendors, OpenSource, SDKs, APIs, Clouds)
Hack Your Supply Chain.
Supply chain security goes beyond the code and covers the entire application stack.
The analyzer engine discovers third-party assets across the full application stack using runtime analysis (dynamic, interactive security testing).
Manage SBOM Inventory.
Data Theorem's Code Secure allows customers to ingest all of their SBOM files to be processed by its Analyzer Engine. As an output, Data Theorem's Code Secure pipeline will generate a comprehensive SBOM Inventory listing based on multiple sources including SBOM files and full-stack application analysis.
SBOM is defined as a "formal record containing the details and supply chain relationships of various components used in building software." It is analogous to a list of ingredients on food packaging.