Our products make use of 3rd-party open source software, with different licenses, expect for SAST scanning engines that are 100% proprietary. The licenses for the software listed below can be found in the "licenses" folder of each Security Reviewer product after installation. All versions of open source software, before used, are checked by SCA Reviewer.

Our products include software developed under:

• The Apache Software Foundation license 2.0

• MIT license (https://opensource.org/licenses/MIT). )

• Mozilla Public License 2.0 (https://www.mozilla.org/en-US/MPL/2.0/) )

• GNU General Public License, version 2

• GNU General Public License, version 3

• GNU AGPL v3.0

• BSD 3-Clause "New" or "Revised" License (permissive)

• MySQL Community license

Our products are developed using the following programming languages:

• C# and VB.NET using .NET Core SDK 5.0.408, .NET core SDK 7.0.410 and .NET core SDK 8.0.416 (Microsoft Software License)

• Java (openjdk 11 license GNUv2 with classpath exception)

• Python (3.x https://docs.python.org/3/license.html )

• GO (1.23 https://golang.org/LICENSE)

We develop using:

• Avalonia UI licensed under MIT License

• Visual Studio Code licensed under MIT License

• Apache NetBeans licensed under Apache Software Foundation license 2.0

Our products include the following open source software:

• jQuery (http://jquery.com/) licensed under MIT License

• Erlend Oftedal RetireJS (https://retirejs.github.io/retire.js/) licensed under Apache Software Foundation license 2.0

• Angular (https://github.com/angular/angular ) licensed under MIT License

• Jonathan Hedley jsoup (http://jsoup.org ) licensed under MIT License

• Django (https://github.com/django/django ) licensed under BSD 3-Clause "New" or "Revised" License (permissive)

• Aaron Weaver (OWASP Defect Dojo Project) licensed under BSD 3-Clause "New" or "Revised" License (permissive)

• FastMCP (https://github.com/jlowin/fastmcp ) licensed under Apache Software Foundation license 2.0
  
  

Our software contains unmodified binary redistributions for:

• MySQL Server (https://github.com/mysql/mysql-server ) licensed under MySQL Community license

• MongoDB engine (https://www.mongodb.com/community/licensing) which is licensed and available under Free Software Foundation's GNU AGPL v3.0

• PlantUML licensed under GNU General Public License, version 2

• Aqualogic Trivy licensed under Apache Software Foundation License 2.0

• Anchore Syft licensed under Apache Software Foundation License 2.0

• OWASP ZAP licensed under Apache Software Foundation License 2.0

• SeleniumHQ Selenium licensed under Apache Software Foundation License 2.0

• CppCheck (https://github.com/danmar/cppcheck ) licensed under https://www.gnu.org/licenses/gpl-3.0.html

• Brakeman (https://github.com/presidentbeef/brakeman ) licensed under MIT License

Algorithms

Security Reviewer’s Suite makes use of a large number of third-party Algorithms. Here you can find a (partial) list.

External Data Sources

Security Reviewer’s Suite accesses to External Data Sources for getting updated about vulnerabilities and licenses. Click here for the complete list.