SOOS

Modern AppSec

Azure DevOps Vulnerability Code Scan Integration

SOOS integrates directly into your Azure DevOps build and test process to provide a deep dependency tree scan for open source package vulnerabilities, license usage, and governance rules. Automate vulnerability scans in your Azure DevOps pipeline when you execute a build or commit a change.

SCAN YOUR CODE
AND TRY FOR FREE!*

Unlimited Projects. Unlimited Users. Unlimited Scans.
No credit card is required.

Sign up now
lock & key

Find. Prioritize. Fix. Monitor.

Open source intelligence and open source license management for all your teams.

How easy is SOOS Azure DevOps Integration?

It’s easy getting SOOS scans integrated with your Azure DevOps pipelines and workflow.

In the SOOS App – click the Integrate button in the SOOS menu, choose CI/CD and follow the SOOS Azure DevOps Integration directions. Put the SOOS provided files in a directory in your project repository, setup some enviromental variables, and get an invite from us for our SOOS Azure DevOps task, add it to your pipeline file and you’re ready to go! Azure DevOps integration examples and instructions can be found in our SOOS AzureDevOps GitHub repository.

laptop
tablet

What else do you get with SOOS?

  • Unlimited Projects
  • Unlimited Users
  • Unlimited Scans
  • CI/CD Integrations
  • Typo Detection
  • Suggested Fixes
  • Rich Vulnerability Management Dashboards
  • SBOM generation
  • Open Source License Management
  • Issue Trackers
  • Robust Governance Package

Integrations

Ruby Logo
.NET Logo
JavaScript Logo
PHP Logo
Gradle Logo
Rust Logo
Dart Logo
Homebrew Logo
Elixir Logo
Erlang Logo

We support major programming languages.

Java LogoJava
Python LogoPython
Ruby LogoRuby
.NET Logo.NET
JavaScript LogoJavaScript
PHP LogoPHP
Gradle LogoGradle
Rust LogoRust
Dart LogoDart
Homebrew LogoHomebrew
Elixir LogoElixir
Erlang LogoErlang

SOOS builds a comprehensive database by following the deep dependency tree of any open source project to find reported vulnerabilities and remediations (including those found deep in open source code project repositories like Github security issues) which is used by SOOS’s cloud-based software vulnerability scanner. This means you don’t miss important warnings about libraries/packages you have included in your application. SOOS also supports vulnerability analysis for Node/NPM, RUBY, Java/Maven, and .NET/NuGet

Don’t ignore your open source code any longer

Sign up now