Questions about the technology behind CodeShield

CodeShield creates a unique fingerprint of each JAR file and the classes it contains. This fingerprint is resilient to modifications, e.g., re-compilation and re-packaging, and thus can also identify modified code.
The risk evaluation computes a confidence value, which provides full transparency for the results.
CodeShield currently supports languages running on the Java Virtual Machine, e.g., Java, Scala, Kotlin. We are currently working on support for .NET and JavaScript.
CodeShield integrates with VisualCode, IntelliJ, Jenkins, DependencyTrack and DefectDojo. We are working on further integrations for GitLab, GitHub, Eclipse, and many more.
CodeShield integrates into the Maven lifecycle and only requires a few milliseconds per dependency.
CodeShield analyzes the bytecode of each dependency and does not rely solely on metadata, e.g., filenames or version ranges.

If you haven't found the answer to your question, please feel free to contact us; we will be happy to help you.

Start now and improve the security of your software.