Do you code in PHP and use Composer as your dependency manager?
You don't yet have a dependency analysis process in your continuous integration and testing system?
With Security Audit, easily track the dependencies of your PHP projects.
Dependency analysis is a method for identifying security vulnerabilities in your project. With the Security Audit application you can quickly identify vulnerabilities and abandoned packages.
The content of your composer.lock file is analyzed automatically and we make no other use of it.
Likewise, your personal data is only used to identify you or send you daily or weekly alerts.
Would you like more information about our data protection policy?
After each analysis, you benefit from a table tracking the versions used by your application.
Connect your project to your Git repository to have an automatic update of your audit report.
Add badges directly to the README.md file of your projects, so you will be informed of the presence of new vulnerabilities or abandoned packages.
Feature | Symfony Insight | Security Audit |
---|---|---|
Dependency Analysis | | |
Code quality | | |
Documentation and good practices | | |
Architecture and design | | |
Alerts and notifications | | |
Version tracking | | |
Integration with CI/CD | | |
Historical comparison | | |
Team collaboration | | |
Free plan | | |
Premium plan | | |
Security Analysis | | |
Detailed reports | | |
Configuration control | | |
Performance | | |
Technical support | | |
Continuous integration | | |
Compliance audit | | |
Static code analysis | | |
Dynamic code analysis | | |
Data Integrity Analysis | | |
Detection of common vulnerabilities | | |
Secrets management | | |
Log analysis | | |
Security Audit does not cover all the features of Symfony Insight, but we have worked hard to complement the analysis of the dependencies and components of your stack with a static analysis of the source code of our customers' projects. This static analysis is now automated with SonarQube, and its indicators appear in the analysis report. We have also added the analysis of the components of your stack, such as your HTTP server (Apache, Nginx), your database (Postgres, MariaDB, MySQL) or libraries that you want to audit. Thanks to DependencyTrack, you are informed of the vulnerabilities affecting these components and can report on them.
Contact us for a demo!
FAST
Analysis of dependencies from a composer.lock
Analysis of dependencies from a Git repository
Create a project to benefit from advanced features

ADVANCED
Register with a GitHub account or email
Save your analyses in a project
Receive daily or weekly alerts by email
Sharing reports with your team
Visualize the roadmap of your versions
Compare your analysis history

PREMIUM
Unlimited number of projects
Unlimited instant analyses
Unlimited number of teams
Unlimited number of members in your teams