Built-In Open Source Dependency Scanners

Software Risk Manager also scans input to check for dependencies with known vulnerabilities.

The following dependencies are checked:

  • Java: .jar and .war files in Java projects.
  • .NET: .exe and .dll files in .NET projects.
  • JavaScript files are checked by name or a hash of the file (minified JavaScript incorporated into a different source file will not be checked).