Integrations

SCM, container registries, vulnerability databases, EPSS databases.

Source Code Management

Support for all leading SCM platforms, GitHub, GitLab, Bitbucket, JFrog Artifactory.

Container Registry

No matter if you use a public registry like Dockerhub, Google Cloud Registry, or a private Harbor registry, we got you covered.

Development languages

Java, Python, Node.js, .Net, Go, Rust, PHP and more are supported out of the box.


Container Base Image

Alpine, Debian, Ubuntu, AlmaLinux, Microsoft Windows or distroless container images are on our list of supported Base images.


Vulnerability databases

Automatically and continuously analyze your source code, base images, and packages using our built-in databases. NVD, GitHub, OSV, VulnDB or Snyk.


Code signing and timestamp

Using immudb, GPG and/or sigstore, your source code, your container images and you application binaries are always verifiable.

Application development with peace of mind

Some of our integrations

CI/CD and SCM tools

Docker and OCI registries

Several vulnerability scanners (Snyk, Aqua, JFrog)

Bindings for Java, C++, Python, NodeJS, Go, Rust, PHP

Digital Signature platforms

logo-light

Guardians of software™

Our mission is to deliver software supply chain protection and customer-specific business outcomes with a world class customer experience, leveraging the full capabilities of our applications.

Products
Company
Open Source