Labrador OSS Process
Detect: Labrador/SBOM
Correct: Vulnerabilities/Licenses
Protect: Patches/Compliance Management
Labrador OSS Overview
Labrador OSS, powered by the VUDDY© and CENTRIS© patented technologies, plays a crucial role at every stage of the SDLC.
SBOM Generation
Auto-generate the most accurate software SBOM with Labrador OSS. Powered by CENTRIS© and VUDDY©, Labrador OSS detects all kinds of software components, files, libraries and even functions. Create your SBOM in standardized formats (SPDX and CycloneDX) down to the code snippets. (The Code-level Detection feature is available only on Labrador OSS, making it one of the most powerful SCA tools on the market.)
Vulnerability Scan
Scan source code, binaries, and containers and find vulnerabilities with the VUDDY© technology. Labrador OSS will detect the exact vulnerabilities in your software. VUDDY© makes Labrador OSS outstanding by making it the only SCA tool that analyzes software down to the function level.
Software Remediation
Labrador OSS provides patch recommendations through its innovative remediation technology: patch backporting. Patch backporting ports the patch back to older versions so that you can patch your code down to the code level.
License Compliance
Check for license violations with Labrador OSS. With over 1,600 listed licenses in its database, Labrador OSS can instantly find potential library issues in your source code.
Labrador OSS Features
Diverse Input Options
Labrador OSS is easy to use with its three input options. Labrador OSS quickly analyzes all types of files, source code or URLs you provide and checks for potential license violations or vulnerabilities.
SDLC & CI/CD integration
Through its REST API, Labrador OSS offers secure data communications to your cloud-based or on-premise SDLC and CI/CD pipelines, making it simple for all kinds of infrastructure to create secure software environments.
User-defined vulnerabilities
Organizations can manage their proprietary source code with Labrador OSS. The user-defined vulnerability feature will help you register internally-defined vulnerabilities as well as older or prohibited components, and automatically control proprietary and OSS components simultaneously. It will considerably reduce time and resource consumption by removing recurring vulnerabilities and give your organization room to manage development policies at any SDLC stage.
SBOM Overview
SBOM Features
The Software Bill of Materials (SBOM) is derived from the manufacturing industry and is a nested inventory of all analyzed software components. Labrador OSS provides SBOMs in international standard formats: SPDX and CycloneDX.
The Importance of SBOM for Organizations
In light of breaches such as Heartbleed or SolarWinds that affect millions of customers worldwide, the SBOM has become a necessity to mitigate risks and spot vulnerabilities that would otherwise take months or years to patch.
US Regulation
In May 2021, the SBOM became a regulatory requirement through a Presidential Executive Order. All US-government-related organizations are required to provide an SBOM of the software services they provide. We expect organizations across the world to adopt this regulation in the near future.
SBOM Process
VUDDY© (VUlnerable coDe clone DiscoverY): A Scalable Approach for Vulnerable Code Clone Discovery, IEEE Symposium on Security and Privacy (S&P)
CENTRIS©: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse, International Conference on Software Engineering (ICSE)
Integration
Languages/Frameworks
Package Managers
CI/CD
Labrador OSS has its specific SBOM process to ensure optimal for your software projects.
1. SBOM Creation: Create the list of all software components
2. Vulnerability Detection: Detect your vulnerabilities at a function level (VUDDY©)
3. Vulnerability Remediation: Automatically suggest vulnerability patches
4. License Compliance: Detect license compliance issues
5. UDCM®: User-defined Components Management (UDCM). Allows you to easily manage and secure your proprietary code