Threat detection

Threat detection enhances the security of your software supply chain by scanning your software for vulnerabilities using the Signing Manager Controller (SMCTL) interface.

Threat detection uses Role-Based Access Control (RBAC) to ensure that only authorized personnel can start and oversee these scans. Scan results are integrated into your Software Trust account, providing you with a centralized hub for vulnerability, deployment risk, and license issue analysis.

There are three types of threat detection:

| Threat detection type | Description |
| --- | --- |
| Software Composition Analysis | Scan open-source components in your development workflow to help your team automatically track, manage, and remediate licensing issues and vulnerabilities before releasing your software. |
| Static Binary Analysis | Scan all components of your software before release to detect malware, vulnerabilities, secrets, and other risks in both your developers’ code and any third-party integrations. |
| Apple notarization | Scan macOS software signed with a Developer ID for malicious components before distribution from the App Store. |