FlexNet Code Insight: Features

Reduce Open Source Software License Compliance and Vulnerability Risk

Features

Unmatched Top- and Forensic-Level Scanning

FlexNet Code Insight’s special purpose search engine is optimized for analysis of source and binary files. Users get accurate and timely results whether the requirement is for a quick search for top level issues or a detailed analysis. It’s detection of open source software is based on a comparison of the target code base with the contents of the Compliance Library, a large database of continuously updated open source projects including version and license information.

More Accurate Analysis with Automated Detection Rules

FlexNet Code Insight includes rules based on human analysis of the most commonly used open source projects and via automated analysis of repositories. Users can also create their own rules to automate reporting of items that are unique to their projects. Utilizing multiple proprietary analysis techniques, FlexNet Code Insight performs component-level, package-manager and binary analysis on your codebase to quickly build inventory and produce reports, including source code, binary, licenses, copyrights, text strings, URLs, email addresses and Java NameSpace.

Robust Audit Analysis

Through three auditing techniques, FlexNet Code Insight provides the industry’s most robust OSS audit analysis.

  • Detector Code Search: Fast, efficient ad-hoc searching across the scanned code base to discover references to files of unknown origin and to identify and remove false positives.
  • Source Code Fingerprints: Sophisticated proprietary source code fingerprint and snippet matching helps users conduct detailed and forensic level analysis. Highlights match to third-party components from multiple sources to easily identify copy-paste and stolen-from code.
  • Custom Fingerprints: Commercial and proprietary code may be fingerprinted for inclusion in the Compliance Library for ongoing detection and matching.

Automatically Generates Third-Party Notices

Generate third-party notices for reporting OSS usage to fulfill compliance and license obligations.

Timely Notification of Vulnerable Code

Vulnerability status is visible on the inventory page and via vulnerability report. In addition, when an existing inventory item or request gains a new vulnerability, users are notified on the Security Alerts tab in the Web UI and via email.

Extensive Compliance Library and Language Coverage

The FlexNet Code Insight Compliance Library contains over 12.9 million OSS components, open source releases continuously collected over the last 12 years and commercial/third-party content. After collection, the results are indexed and packaged for use.

Proven and Scalable Request & Authorization Workflow

After developers OSS use, they receive authorization, either automatically or after review, by the appropriate stakeholders. Policy can be reinforced at the point of request and information recorded about where used, open source licenses, modifications and other relevant data. The authorization system was developed in cooperation with some of the world’s largest software companies.

Extra Protection—Integrated Scanning and Authorization

The request and authorization workflow is fully integrated with scanning so that published scan results can be associated with existing requests. If scanning detects a component without a request, it creates a request for the discovered component.

Designed for Enterprise Environments

FlexNet Code Insight, designed for installation and use on-premises, has a full set of enterprise-ready features to allow operation within a modern and secure IT environment, allowing you to keep your valuable source code on-premises.

Back to FlexNet Code Insight