Solutions

Software Composition Analysis

The world runs on open source. Empower developers to use it effectively and securely.

1 in 8
open source downloads have known risk^[1]

Overview

What’s hiding inside that third-party software? And how will it impact your applications?

The vast majority of applications utilize some kind of third-party software that can leave your application exposed to attacks if not managed properly. Software Composition Analysis solutions detect security and license flaws in third-party software to tackle this growing risk, so you can deliver applications with confidence.

Key benefits

Manage your open source risk and deliver more secure applications.

Find more vulnerabilities

Combine AI with human curation to detect more vulnerabilities than the National Vulnerability Data base alone.
Generate a software bill of materials (SBOM)

Scan binaries to identify open source components and generate an SBOM with remediation tips.
Detect security issues

Utilize extensive known vulnerability databases, maintained by a combination of expert researchers and machine learning, to identify security issues.
Run client-side software composition analysis

Analyze CVEs of client-side libraries and health data of open source projects.

Business impacts

Open source security

The world runs on open source. How can you ensure your developers are pulling in the right components? Gain visibility into the health of open source libraries by exploring, comparing, and evaluating open source projects from a single database.
Integration and automation

The speed of application development continues to increase. Developers need to keep up with demand without shortcutting security. Seamlessly integrate software composition analysis into the CI/CD pipeline with security scanning and policy automation.
Risk management

Protecting your software supply chain is critical. With malicious attacks on the rise, though, it’s also harder than ever. Rely on extensive known vulnerability databases to detect security vulnerabilities before they become security liabilities.

Leaders trust OpenText

See how customers are succeeding with Software Composition Analysis solutions from OpenText.

See more success stories

Why security specialists like Codific love Debricked

Learn more

Fortify + Sonatype for AppSec: What customers are saying

Learn more

OpenText Fortify WebInspect drastically reduces manual security testing efforts to speed up time to market and simplify compliance

Learn more

Explore the components of the solution

Products

OpenText offers two software composition analysis solutions: Debricked offers SCA embedded in Fortify on Demand, while Sonatype’s off-cloud solution offers enterprise-grade results.

Debricked
Venture safely through the open source universe
Sonatype
Enable fast, secure software innovation

Professional Services

OpenText combines end-to-end solution implementation with comprehensive technology services to help improve systems.

OpenText Software Consulting & Implementation Services
Consulting Services
OpenText Professional Services
Explore Professional Services
OpenText Packaged Services
Packaged Services

Software Composition Analysis resources

The impact of the XZ exploit on open-source software: A call to strengthen security measures

Read the blog

Fortify + Sonatype for AppSec: What customers are saying

Read the blog

The importance of protecting your source code and how Debricked can help

Read the blog

How can we help?

[1] Sonatype, State of the Software Supply Chain, 2023

FeaturedFeatured

Analytics CloudAnalytics Cloud

Analytics DatabaseAnalytics Database

Unstructured Data AnalyticsUnstructured Data Analytics

Business Intelligence and ReportingBusiness Intelligence and Reporting

Data DiscoveryData Discovery

eDiscovery and InvestigationseDiscovery and Investigations

Legal Content and Knowledge ManagementLegal Content and Knowledge Management

Enterprise SearchEnterprise Search

Aviator Search

Business Network CloudBusiness Network Cloud

Supply Chain IntegrationSupply Chain Integration

B2B Integration ServicesB2B Integration Services

Ecosystem CollaborationEcosystem Collaboration

Business Network Aviator

Content CloudContent Cloud

Document ManagementDocument Management

AI Content ManagementAI Content Management

Business IntegrationsBusiness Integrations

Capture and Intelligent Document ProcessingCapture and Intelligent Document Processing

Information ArchivingInformation Archiving

Process AutomationProcess Automation

Information GovernanceInformation Governance

Content Aviator

Cybersecurity CloudCybersecurity Cloud

Application SecurityApplication Security

Identity and Access ManagementIdentity and Access Management

Data Privacy and ProtectionData Privacy and Protection

Digital Investigations and ForensicsDigital Investigations and Forensics

Threat IntelligenceThreat Intelligence

Threat Detection and ResponseThreat Detection and Response

Cybersecurity Aviator

Developer CloudDeveloper Cloud

Information Management ServicesInformation Management Services

Developer Cloud technical documentationDeveloper Cloud technical documentation

Aviator Thrust

DevOps CloudDevOps Cloud

DevOps PlatformDevOps Platform

PPM and Strategic Portfolio ManagementPPM and Strategic Portfolio Management

Quality ManagementQuality Management

Functional TestingFunctional Testing

Performance EngineeringPerformance Engineering

DevOps Aviator

Experience CloudExperience Cloud

Web and Brand ExperiencesWeb and Brand Experiences

MessagingMessaging

Customer Journey and DataCustomer Journey and Data

Media ManagementMedia Management

Contact Center AnalyticsContact Center Analytics

Experience Aviator

IT Operations CloudIT Operations Cloud

Service ManagementService Management

FinOpsFinOps

AIOps and ObservabilityAIOps and Observability

AutomationAutomation

Network ManagementNetwork Management

IT Operations Aviator

PortfolioPortfolio

Data protection and endpoint backupData protection and endpoint backup

Endpoint management and mobile securityEndpoint management and mobile security

Hybrid work, email, and team collaborationHybrid work, email, and team collaboration

Archiving, eDiscovery, and data securityArchiving, eDiscovery, and data security

Information reimaginedInformation reimagined

Artificial IntelligenceArtificial Intelligence

IndustryIndustry

Enterprise ApplicationsEnterprise Applications

Your journey to successYour journey to success

Customer SupportCustomer Support

Customer Success ServicesCustomer Success Services

Strategy & Advisory ServicesStrategy & Advisory Services

Consulting ServicesConsulting Services

Learning ServicesLearning Services

Managed ServicesManaged Services

Find an OpenText PartnerFind an OpenText Partner

Find a Partner SolutionFind a Partner Solution

Grow as a PartnerGrow as a Partner

Become a Partner

Asset LibraryAsset Library

BlogsBlogs

EventsEvents

Featured

Analytics Cloud

Analytics Database

Unstructured Data Analytics

Business Intelligence and Reporting

Data Discovery

eDiscovery and Investigations

Legal Content and Knowledge Management

Enterprise Search

Business Network Cloud

Supply Chain Integration

B2B Integration Services

Ecosystem Collaboration

Content Cloud

Document Management

AI Content Management

Business Integrations

Capture and Intelligent Document Processing

Information Archiving

Process Automation

Information Governance

Cybersecurity Cloud

Application Security

Identity and Access Management

Data Privacy and Protection

Digital Investigations and Forensics

Threat Intelligence

Threat Detection and Response

Developer Cloud

Information Management Services

Developer Cloud technical documentation

DevOps Cloud

DevOps Platform

PPM and Strategic Portfolio Management

Quality Management

Functional Testing

Performance Engineering

Experience Cloud

Web and Brand Experiences

Messaging

Customer Journey and Data

Media Management

Contact Center Analytics

IT Operations Cloud

Service Management

FinOps

AIOps and Observability

Automation

Network Management

Portfolio

Data protection and endpoint backup

Endpoint management and mobile security

Hybrid work, email, and team collaboration

Archiving, eDiscovery, and data security

Information reimagined

Artificial Intelligence

Industry

Enterprise Applications

Your journey to success

Customer Support

Customer Success Services

Strategy & Advisory Services

Consulting Services

Learning Services

Managed Services

Find an OpenText Partner

Find a Partner Solution

Grow as a Partner

Asset Library

Blogs

Events

Communities

Customer Stories

OpenText Navigator