In today’s software development environment it is typical to find that fifty percent or more of the lines of code originate from an outside source, typically Open Source, but also from commercial sources. This leads immediately to the question “What’s in My Code?”, a question that can be difficult and time-consuming to answer. Palamida products and services answer that question.
Our special-purpose search engine scans code, comparing it with billions of source code fingerprints and exact file matches to establish the origin and version of externally written code elements. Once known, Palamida’s extensive database will return information about license, vulnerabilities and cryptography as well as establishing a permanent record of usage. With this knowledge, organizations can reduce their risk of intellectual property infringement, security vulnerabilities and export control issues. Our proven request and authorization workflow allows developers to gain approval prior to usage, and records the details of planned usage.
Enterprise Edition – Enterprise Edition contains the full set of scanning and analysis features as well as request and authorization workflow. It is ideally suited for an organization desiring to establish an end-to-end solution for managing Open Source and other third party code in their development projects. With a library of over five million open source components, and over 2.1M automated detection rules, code scanning with Enterprise Edition is comprehensive and increasingly automated. The integration of request and authorization workflow with scanning allows organizations to implement a full cycle solution starting with the request to use, followed by scanning and reconciliation of actual and requested contents.
Palamida Standard Edition – Standard Edition contains the scanning and analysis features, without the request and authorization workflow. It is designed for organizations who need to focus first on analysis of code content, perhaps as a result of an immediate requirement for disclosures (Third Party Notices). Standard Edition has all of the scanning and analysis features of Enterprise Edition, and can run on a single laptop for small organizations or on a higher capacity server for expanded capacity. It can be upgraded to Enterprise Edition easily at any time.
Palamida Governance Edition – Governance Edition contains the request and approval workflow features, and does not contain the scanning and analysis features. This edition is designed for organizations who wish to start their compliance program with a focus on developer disclosure instead of scanning. This approach minimizes the requirements for staffing an analysis function, yet allows organizations to generate disclosures (Third Party Notices) based on developer disclosures. Governance Edition can be upgraded to Enterprise Edition easily at any time.