Integrations

SCM, container registries, vulnerability databases, EPSS databases.

Source Code Management

Support for all leading SCM platforms, GitHub, GitLab, Bitbucket, JFrog Artifactory.


Container Registry

No matter if you use a public registry like Dockerhub, Google Cloud Registry, or a private Harbor registry, we got you covered.

Development languages

Java, Python, Node.js, .Net, Go, Rust, PHP and more are supported out of the box.


Container Base Image

Alpine, Debian, Ubuntu, AlmaLinux, Microsoft Windows or distroless container images are on our list of supported Base images.

Vulnerability databases

Automatically and continuously analyze your source code, base images, and packages using our built-in databases. NVD, GitHub, OSV, VulnDB or Snyk.

Code signing & timestamp

Using immudb, GPG and/or sigstore, your source code, your container images and you application binaries are always verifiable.

Application development with peace of mind

Some of our integrations

CI/CD and SCM tools

Docker and OCI registries

Several vulnerability scanners (Snyk, Aqua, JFrog)

Bindings for Java, C++, Python, NodeJS, Go, Rust, PHP

Digital Signature platforms

logo-light

Our mission is to secure the software supply chain with autonomous, agentic AI—delivering strong security outcomes through a platform that’s simple to use and requires no security expertise.

Company
Open Source