The average application consists of 106 open source components.


A typical application contains 23 known vulnerabilities.


Most applications indicate at least 8 GPL licensed components.


Many components in use are old, unsupported, and unpopular.

“Zero tolerance for risk is why some customers require us to provide proof that our applications do not contain hidden security or licensing vulnerabilities.  By partnering with Sonatype, we’re able to provide our customers with a detailed Software Bill of Materials validating that VMTurbo applications consist of only the highest quality open source components.”

- Sylvia Isler, Chief Architect at VMTurbo

Three steps to a Software Bill of Materials:

  1. Download AHC (links below)
  2. Open AHC and select an application to examine
  3. Review Bill of Materials (see sample here)
OSX application-check-app-2.2.0-01-macos.tgz SHA1  ASC MD5
Unix application-check-2.2.0-01.jar SHA1 ASC MD5
Windows SHA1 ASC MD5

Please Note: When running AHC you can examine a sample application, or you can examine your own application.  Examining your own application does not expose your source and binary code in any way.

AHC Zoom3 copy.png