Build Tools
CI Servers
General
Repositories
Distribution
Mission Control
Xray

Deep Recursive Scanning

Deep Recursive Scanning

JFrog Xray starts with your primary software component, and then recursively drills down to identify its dependencies, and then the dependencies’ dependencies, and so on down to any level, until every single component that is a part of your software, whether directly or indirectly, has been identified. Xray supports every major packaging format in use today including Docker, Debian, RPM, NuGet, JAR files, Npm, PyPI, RubyGems, Bower, Vagrant, Git LFS, SBT, Opkg, P2 and more. In fact, as an open and flexible package-agnostic tool, Xray can accommodate new formats that may come on the scene from time to time and provide the same level of deep recursive scanning as with currently available package formats.

Once all components and dependencies have been identified, Xray cross-references them with any number of feeds and databases of known vulnerabilities, and alerts you if any component compromises your software.

recursivescanning