Team Reviewer provides effective vulnerability discovery, management and tracking by continuously identifying threats, monitoring changes in your network, discovering and mapping all your devices and software (including new, unauthorized and forgotten ones), and reviewing configuration details for each asset.
...
Software Composition Analysis of a Folder containing third-party libraries
Software Composition Analysis of a Container
Software Composition Analysis of a Git Repository
A Software Composition Analysis will discover:
Blacklisted Libraries: Versions not admitted inside the organization
License Conflict: Licenses that cannot coexist with others
Outdated Libraries: Libraries or Frameworks built with a very old, unsupported JDK or .NET Framework version
Discontinued Libraries: Libraries or Frameworks abandoned by the developer community
Vulnerable Frameworks: Frameworks having at least one vulnerable library
Suspicious Licenses: License information has been manipulated
Poor-man Copyright: Self-declared Copyright
Vulnerable Libraries: Vulnerable libraries that must be replaced by newer, secure versions
You start a Software Composition Analysis by clicking Static SCA Analysis in the main Dashboard:
...
You can view the Software Bill of Materials (SBOM):
...
You can also download reports in PDF, Word, Excel and HTML formats:
...
Additionally, you can have a custom Cover Letter with your logo, your ISO 9001 Responsibility chain, the Confidentiality Level and your Disclaimer.
Reports
Team Reviewer stores reports generated with:
...
Team Reviewer is based on open source software developed by Aaron Weaver (OWASP Defect Dojo Project)
COPYRIGHT (C) 2014-2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.