More to come!

Deepbits is constantly evolving and adding more features. Below are currently supported features.

  • Software Bill of Materials (SBOM) generation, distribution, and management.
  • Vulnerability detection.
  • Malware detection.
  • Daily/monthly/yearly executive report.
  • software/host assessment report.
  • License analysis.
  • code quality analysis
  • out-of-dated library detection
  • continuously monitor
  • integrations (RESTAPI, Jira, webhook, github, aws ecr, dockerhub, etc.)
  • supply chain dependency analysis

Supported Languages and Platforms

Platform/Archx86/64, ARMv8, Docker, Linux, Android
Javajar, apk, .war, .ear, .par, pom.xml, gradle.lockfile,
Pythonpoetry.lock, Pipfile.lock, requirements.txt, .egg
JavaScriptyarn.lock, package-lock.json, package.json, pnpm-lock.yaml
RubyGemfile.lock, .gemspec
Rustrust binary, cargo.lock
Gogo binary, go.sum, go.mod

The Deepbits platform currently is able to return the analysis results for:

  • Packages on NPM/PYPI/RUBYGEM/Maven
  • Code repositories on Github
  • Docker images on Dockerhub

Users can also upload either source code or binary code of applications to get the analysis results. The supported languages and platforms are listed in the above table.