Product

Products
Vulnerability Management
Automatically find and fix open source vulnerabilities in dependencies, source files local open source assets
License Compliance Management
Accurate license detection in dependencies and source code with automated source code attribution
Supply Chain Risk & Quality
Open source supply chain risk and quality data detects anomalies that put your company at risk. We automatically alert and gate threatening components
Embedded Open Source Detection
Up to 15% of your software is made from embedded open source. We can detect, report and automatically annotate your source files to ensure compliance

Services
Mergers & Acquisitions + Audits
Quick, comprehensive, and accurate open source license and vulnerability audit with actionable data and automated license annotation.
Resources

Blog Integrations & Language Support
Company

About us
Pricing
Contact

Threatrix Blog

Enterprise open source security & compliance

Month: October 2021

What Are the Ingredients for an Accurate SBOM?

Post author By John McDonald
Post date October 6, 2021
No Comments on What Are the Ingredients for an Accurate SBOM?

The Software Bill of Materials (SBOM) has made quite a stir lately. From President Biden’s executive order to further secure our infrastructure to the NHS in Britain, emulating the mandate to improve security and transparency for England’s healthcare system. Given the sudden popularity of the SBOM and the resulting demand to create one, we feel […]

open source security Uncategorized

“Set and Forget” Approach to Open Source Software Creates Security and Compliance Risks

Post author By James Sortino
Post date October 4, 2021
No Comments on “Set and Forget” Approach to Open Source Software Creates Security and Compliance Risks

According to two recent security research reports* on open source software, internally developed software contains up to 75% of open-source software. The report also concludes that open-source used within codebases contain on average 158 vulnerabilities and 60% of the codebases have ‘high risk’ open-source vulnerabilities that have been actively exploited. According to research, the three […]