
Open Source Libraries Scan (SCA)


Last updated 2 years ago

Starting Scan

We can start an online scan by clicking the SCAN button at the top right.

We choose GitHub for this example.

Once clicked, we need a repository to scan. For demonstration purposes we use Vulnado.

We copy the repository's clone URL and paste it in like the following.

Hit the green plus sign, then Scan.

The scan will start.

Once the online scan finishes, we get a result like the following.

The picture above shows that we scanned a project named “vulnado-test”, which contains our pom.xml (SCA for Java) alongside the other scans. Let’s dive into that.

Once you click on it you will be redirected to a page like the following,

which contains the following information about your SCA scan:

1) Project Scanned

Name of the current project. In this case vulnado-test.

2) Scan Date

The date and time at which the scan was performed.

3) User’s Email

Which user performed this scan; we show their email address.

4) RuleId

Which rule from our set of backend rules matched the dependency.

5) Vulnerable Dependency

The vulnerable dependency, with the exact version that was found in the project.

6) Description of CVE

More information about the vulnerability affecting that dependency.

7) Patch

How to fix the issue, typically the version to upgrade to.

8) Filter Severity

To filter your results based on criticality (for example, show only High and Critical findings).

Once the SCA scan is done, we can patch the vulnerable dependencies directly from the UI, provided source control (GitHub/GitLab/Bitbucket) is configured and you have access to that repository.
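To make the result fields above concrete (RuleId, vulnerable dependency with exact version, CVE description, patch, severity filter) and the patch-from-UI step, here is an added example of the kind of check an SCA scan performs on a pom.xml. This is illustrative code written for this page, not CloudDefense's scanner or Vulnado's real pom.xml: the pom.xml, the advisory list, the rule ids `SCA-JAVA-0001`/`SCA-JAVA-0002`, the package names, the version ranges and the CVE text are all constructed.

```python
"""Minimal SCA-style check over a Maven pom.xml (illustrative, not CloudDefense code).
The pom.xml, advisory list, rule ids, ranges and CVE text below are all constructed."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

POM_NS = "http://maven.apache.org/POM/4.0.0"
NS = {"m": POM_NS}

# Constructed pom.xml standing in for the scanned project's pom.xml.
SAMPLE_POM = """<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.example</groupId><artifactId>vulnado-test</artifactId><version>1.0.0</version>
  <dependencies>
    <dependency><groupId>com.example</groupId><artifactId>json-lib</artifactId><version>2.4.1</version></dependency>
    <dependency><groupId>com.example</groupId><artifactId>auth-lib</artifactId><version>1.9.0</version></dependency>
    <dependency><groupId>com.example</groupId><artifactId>safe-lib</artifactId><version>3.0.0</version></dependency>
  </dependencies>
</project>
"""

# Constructed advisory database (hypothetical ids/ranges). Vulnerable range is [introduced, fixed).
ADVISORIES = [
    {"rule_id": "SCA-JAVA-0001", "package": "com.example:json-lib", "introduced": "2.0.0",
     "fixed": "2.4.2", "severity": "CRITICAL", "description": "Unsafe deserialization of untrusted JSON"},
    {"rule_id": "SCA-JAVA-0002", "package": "com.example:auth-lib", "introduced": "1.0.0",
     "fixed": "2.0.0", "severity": "MEDIUM", "description": "Signature check skipped for alg=none tokens"},
]
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


@dataclass
class Finding:
    """One row of the SCA result: rule id, dependency@version, severity, CVE text, patch."""
    rule_id: str
    package: str
    version: str
    severity: str
    description: str
    fixed_version: str

    @property
    def patch(self):
        return f"upgrade {self.package} to {self.fixed_version}"


def parse_version(text):
    """'2.4.1' -> (2, 4, 1); tuple comparison gives numeric ordering (no qualifiers handled)."""
    return tuple(int(p) for p in text.strip().split("."))


def _dependency_elements(root):
    """Yield (groupId:artifactId, <version> element or None) for each declared dependency."""
    for dep in root.findall("m:dependencies/m:dependency", NS):
        g, a = dep.findtext("m:groupId", namespaces=NS), dep.findtext("m:artifactId", namespaces=NS)
        yield f"{g}:{a}", dep.find("m:version", NS)


def parse_pom_dependencies(pom_xml):
    """Return [(groupId:artifactId, version)] for each dependency that declares a version."""
    root = ET.fromstring(pom_xml)
    return [(key, v.text) for key, v in _dependency_elements(root) if v is not None and v.text]


def scan(pom_xml, advisories=ADVISORIES):
    """Match each dependency's exact version against the advisory ranges."""
    findings = []
    for package, version in parse_pom_dependencies(pom_xml):
        v = parse_version(version)
        for adv in advisories:
            if adv["package"] == package and \
               parse_version(adv["introduced"]) <= v < parse_version(adv["fixed"]):
                findings.append(Finding(adv["rule_id"], package, version, adv["severity"],
                                        adv["description"], adv["fixed"]))
    return findings


def filter_by_severity(findings, minimum):
    """The UI's severity filter: keep findings at or above `minimum`."""
    floor = SEVERITY_RANK[minimum.upper()]
    return [f for f in findings if SEVERITY_RANK[f.severity] >= floor]


def patched_pom(pom_xml, findings):
    """Bump each vulnerable <version> to its fixed version, as a patch-from-UI would, and return the XML."""
    ET.register_namespace("", POM_NS)            # keep the default xmlns instead of an ns0: prefix
    root = ET.fromstring(pom_xml)
    fixed = {f.package: f.fixed_version for f in findings}
    for key, version_el in _dependency_elements(root):
        if key in fixed and version_el is not None:
            version_el.text = fixed[key]
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    results = scan(SAMPLE_POM)
    for f in results:
        print(f"{f.severity:8} {f.rule_id} {f.package}@{f.version}: {f.description} -> {f.patch}")
    print("HIGH and above:", [f.rule_id for f in filter_by_severity(results, "HIGH")])
    print("findings after patch:", scan(patched_pom(SAMPLE_POM, results)))
```

Two caveats worth keeping in mind when reading real SCA output: a scanner only matches on the exact resolved version, so dependencies whose version comes from a parent POM or `dependencyManagement` need the effective POM rather than the raw file, and bumping a version (the patch step) can still break the build or pull in a newer transitive dependency, which is why patching from the UI should go through a pull request and CI rather than straight to the default branch.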