THE MODERN ART OF
OPEN SOURCE COMPLIANCE
Are you a Compliance Manager?
Searching for a way to automate documentation?
Tired of mapping the same tools over and again?
Want to get more support from your organisation?
Click here to learn more...
Are you a Developer?
Tired of odd comments from your compliance office?
Keen to understand what you are linking into your project?
Bored of looking up open source details?
Read how to resolve...
Versions-Update v1.9 ist da!
Verbesserter Approval-Flow
DeepScan-Service
MDD-Unterstützung (SOUP, COTS)
Mehr erfahren
Bekannte Schwachstellen
automatisch identifiziert!
License analysis
TrustSource offers over 150GB knowledge on more than 250.000 OpenSource components, their dependencies and licenses. Also it provides a powerful analysis mechanism to evaluate the real license conditions as well as a continuous search for identifying new components.
Cost reduction > Shift Left
TrustSource and its tools allow developers to learn and decide even during build time about the suitability and risks associated with a particular component, so that no change costs will appear anymore due to such an issue.
License management
TrustSource knows over 300 licenses. It provides a resolution mechnism to determine obligations depending on project, module and component context and resolves them into task lists. Thus allowing a auditable, solution individual checklists, which activates compliance procedures.
Process support
TrustSource provides an integrated platform to manage all tasks in the context of Open Source Compliance. All activities will be logged in the audit log. Direct integrations with Jiora or TeamServcies offer lean and effective processing.
Vulnerability analysis
all components of a project will be checked against more than 100,000 known vulnerabilities. When new vulnerabilities appear, you will get notified aboutimpacted components. CVSS scores and attack vectors will help you to evaulate the cirticality of each vulnerability.
Open Source & API
All parts of TrustSource that will be operated by you or integrated into your development process are open source to give you full control. A magnitude of fucntionality of TrusSource is availble through API, so that you may integrate it into your processes.
117000
vulnerabilities assigned
18,5Mil
artefacts scanned
468Mil
dependencies identified
Read how TrustSource will help you to achieve OpenChain comformity
Integrations
Whether about scanning (gradle, maven, etc.) or workflow (Jira,TeamServices,…): TrustSource supports many widely spread development support tools and integrates with them. For many tools either we or our customers have provided integrations / plugins. Search for them on github using “org:eacg-gmbh”.
