Does Artifactory have any feature that helps identify security risk/license vulnerabilities?

Artifactory supports inspection process and license checks through the Black Duck Code Center integration add-on.

The integration between Black Duck Code Center and Artifactory offers you an automated, non-invasive approach to the open source component approval process. It also does proactive monitoring for security vulnerabilities that may be associated with specific binary components. License, security vulnerability, and approval status are pulled from the Black Duck Knowledge Base.

For more information and screenshots about configuring and using Artifactory BlackDuck integration, please see our BlackDuck Integration on our wiki.


You may also wish to look into our newest product, XRay, which performs universal component analysis, recursively scanning all layers of an organization’s binary components to provide radical transparency and unparalleled insight into their software architecture. JFrog Xray works with all package formats and is fully integrated with JFrog Artifactory.