Threat detection

DigiCert® Software Trust Manager's Threat Detection feature enhances the security of your software supply chain by scanning your software for vulnerabilities using the Signing Manager Controller (SMCTL) interface. Threat detection relies on Role-Based Access Control (RBAC) to ensure that authorized personnel can initiate and oversee these scans. The scan results are integrated into your Software Trust Manager cloud account, which gives you a centralized hub for analyzing vulnerabilities, deployment risks, and license issues. This feature equips you with the controls and analytics to make informed decisions and use Software Trust Manager effectively to secure your software supply chain against potential threats and risks.

Software Trust Manager offers three types of threat detection:

  • FOSSA

    FOSSA is a Software Composition Analysis (SCA) tool that you can use to scan open source components in your development workflow to help your team automatically track, manage, and remediate licensing issues and vulnerabilities before releasing your software.

  • ReversingLabs

    ReversingLabs is a static binary analysis tool that you can use to scan all components found in your software prior to release, to identify malware, vulnerabilities, secrets, and more in your developers' code and any third-party components integrated into your software.

  • Apple notarization

    Scan macOS software signed with a Developer ID for malicious components before distribution outside of the Mac App Store.