Labrador OSS Process

Detect

Labrador/SBOM

Correct

Vulnerabilities/Licenses

Protect

Patches/Compliance Management

Labrador OSS Overview

Labrador OSS, powered by the patented VUDDY© and CENTRIS© technologies,
plays a crucial role at every stage of the SDLC.

SBOM Generation

Auto-generate the most accurate software SBOM with Labrador OSS. Powered by CENTRIS© and VUDDY©, Labrador OSS detects all kinds of software components, files, libraries and even functions. Create your SBOM in standardized formats (SPDX and CycloneDX) down to the code snippet level. (The Code-level Detection feature is available only on Labrador OSS, making it one of the most powerful SCA tools on the market.)

Vulnerability Scan

Scan source code, binaries, and containers and find vulnerabilities with the VUDDY© technology. Labrador OSS will detect the exact vulnerabilities in your software. VUDDY© makes Labrador OSS outstanding by making it the only SCA tool that analyzes software down to the function level.

Software Remediation

Labrador OSS provides patch recommendations through its innovative remediation technology: patch backporting. Patch backporting ports a patch back to older versions so that you can patch your code at the code level.

License Compliance

Check for license violations with Labrador OSS. With over 1,600 listed licenses in its database, Labrador OSS can instantly find potential library issues in your source code.

Labrador OSS Features

Diverse Input Options

Labrador OSS is easy to use with its three input options. Labrador OSS quickly analyzes all types of files, source code or URLs you provide and checks for potential license violations or vulnerabilities.

SDLC & CI/CD integration

Through its REST API, Labrador OSS offers secure data communications to your cloud-based or on-premise SDLC and CI/CD pipelines, making it simple for all kinds of infrastructure to create secure software environments.

User-defined vulnerabilities

Organizations can manage their proprietary source code with Labrador OSS. The user-defined vulnerability feature will help you register internally-defined vulnerabilities as well as older or prohibited components, and automatically control proprietary and OSS components simultaneously. It will considerably reduce time and resource consumption by removing recurring vulnerabilities and give your organization room to manage development policies at any SDLC stage.

SBOM Overview

SBOM Features

The Software Bill of Materials (SBOM) is derived from the manufacturing industry and is a nested inventory of all analyzed software components. Labrador OSS provides SBOMs in international standard formats: SPDX and CycloneDX.

The Importance of SBOM for Organizations

In light of breaches such as Heartbleed or SolarWinds that affect millions of customers worldwide, SBOM has become a necessity to mitigate risks and spot vulnerabilities that would otherwise take months or years to patch.

US Regulation

In May 2021, through a Presidential Executive Order, SBOM became a regulatory requirement. All US government-related organizations are required to provide an SBOM of the software services they provide. We expect that organizations across the world will adopt this regulation in the near future.

SBOM Process

VUDDY© (VUlnerable coDe clone DiscoverY): A Scalable Approach for Vulnerable Code Clone Discovery, IEEE Symposium on Security and Privacy (S&P)

CENTRIS©: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse, International Conference on Software Engineering (ICSE)

Integration

Languages/Frameworks

Package Managers

CI/CD

Labrador OSS has its specific SBOM process to ensure optimal for your software projects.

  • 1. SBOM Creation

    Create the list of all software components

  • 2. Vulnerability Detection

    Detect your vulnerabilities at a function level (VUDDY©)

  • 3. Vulnerability Remediation

    Automatically suggest vulnerability patches

  • 4. License Compliance

    Detect license compliance issues

  • 5. UDCM®

    User-defined Components Management (UDCM)
    Allows you to easily manage and secure your proprietary code