CoPilot is a free, public-facing application that allows owners of open source projects on GitHub to monitor the security risk associated with the components they use, as part of their Git Flow development process.
CoPilot supports a variety of CI/CD tools such as Travis and a variety of languages including Java, C#, Ruby, Scala, R and many others. Watch this brief video to learn how to set up and use CoPilot, plus a demo to help you understand how you can use this non-intrusive security risk assessment to demonstrate that you are responsible producers of open source software.
Through pull request integration, CoPilot also provides insight into security vulnerabilities before changes are merged back into the main branch. Before you approve a pull request, CoPilot informs you which components will be added or removed, and how that affects your security risk level.
Try CoPilot out today to get an at-a-glance view of the security risk discovered in your GitHub project – plus how to mitigate that risk.
Lisa Bryngelson is a senior product manager at Black Duck by Synopsys focused on working with our current Suite customers, helping them to transition to the new Black Duck platform. She is also working on new emerging product offerings like CoPilot. She has been with Black Duck since 2012, starting off in technical support, where she gained her desire to improve customers' experience, which led her to take a product management position in an effort to apply what she learned to directly influence the product direction. Prior to Black Duck, she has 19 years of software development experience in various positions for companies like Adobe and Sybase.