Overview

Don’t let open source vulnerabilities slow you down! With OpenText™ Core Software Composition Analysis (Debricked), you can integrate open source security and automate vulnerability identification, remediation, and prevention to improve your organization’s security—quickly, easily, and compliantly. Integrate, scan, and receive your first results within minutes, and get a full overview of all open source vulnerabilities in your software.

What OpenText Core Software Composition Analysis can do for you

Enjoy support integrating open source security at every phase

Take advantage of our end-to-end approach that provides all the support you need for using open source in every phase of commercial application development—from intake to deployment.

Achieve more accurate results

Employ the advanced machine learning of OpenText Core Software Composition Analysis to ensure high-quality data that delivers more precise results.

Make open source vulnerability management easy for every user

Leverage a full toolkit of open source vulnerability management capabilities, support, and dynamic dashboards for developers, analysts, and team leads.

Maintain open source license compliance

Ensure and maintain open-source compliance with automated and enforceable pipeline rules. Calculate risk levels for your repositories based on intended use.

Why OpenText Core Software Composition Analysis?

Data from 40 million open source projects

Make better open source decisions and get full transparency of your dependencies with vulnerability and license information.

Security, license, and health metrics

Gain visibility into declining communities and dead projects. Find popular projects with a diverse set of maintainers that has a high chance of longevity.

Automated policy compliance

Set your policies in Open Source Select and let developers immediately see what projects would pass or fail.

Key features

CycloneDX SBOM

Exports a CycloneDX software bill of materials (SBOM) for a complete record of the supply chain relationships between the components used when creating software.

User-friendly dashboard

Enables you to integrate, scan, and receive your first results within minutes. Provides a full overview of all open source vulnerabilities in your software.

License and compliance reports

Allows relevant stakeholders to get an easy overview of the state of compliance, export a report over all licenses in the account, and send it to anyone.

Side-by-side project comparison

Helps your developers make informed decisions and choose projects that benefit your organization.

Language support

Lets you scan your code in the language you natively use.

Automated project evaluation

Instantly determines whether a project is compliant with your policies before you add it to your codebase.