Component

The average application consists of 106 open source components.

Vulnerability

A typical application contains 23 known vulnerabilities.

License

Most applications indicate at least 8 GPL-licensed components.

Architecture

Many components in use are old, unsupported, and unpopular.

"We wanted fast solutions, but also wanted those to be secure solutions. We shouldn't have to discuss whether software should be secure. That's why we chose Nexus Lifecycle."

Stefan Simenon, Head of Centre of Expertise Software Development & Tooling, ABN AMRO

Three steps to a Software Bill of Materials:

  1. Download AHC (links below)
  2. Open AHC and select an application to examine
  3. Review Bill of Materials (see sample here)

Downloads:

  OSX: application-check-app-2.3.0-02-macos.tgz (SHA1, ASC, MD5)
  Unix: application-check-2.3.0-02.jar (SHA1, ASC, MD5)
  Windows: application-check-app-2.3.0-02-win.zip (SHA1, ASC, MD5)

Please note: When running AHC, you can examine a sample application or your own application. Examining your own application does not expose your source and binary code in any way.
