Try CodeShield for Free
IT-Security Made in Germany
Developed and hosted in Germany!
We keep your data confidential! We do not store any information on our servers!
Scan your Java projects for free for 14 days!
Features contained in the Demo
- We provide a Maven-Plugin that you can integrate into your build or invoke directly.
- The plugin scans your direct and transitive dependencies for vulnerabilities (CVEs).
- All findings are reported on the CLI and in a separate Markdown file, including fix suggestions.
- An HTML version of the Bill-of-Materials including all used licenses of the scanned project can be generated.
Paid features on request
- Detect hidden vulnerabilities in dependencies introduced by code-clones from other dependencies (rebundling/repackaging).
- Integration in widely used dashboards like DependencyTrack and DefectDojo.
- Jenkins integration, including a dashboard and a source-line-precise listing of the locations that introduce the vulnerable dependencies.
- Support for the Gradle build automation tool.
- Automated pull requests for GitHub/GitLab with fixes for the vulnerabilities found.