Protecode SC Binary Analysis

Protecode SC binary analysis is a comprehensive software composition analysis (SCA) solution for managing risk in software supply chains. During procurement, operations, and development, Protecode SC binary analysis can help you gain visibility into the composition of third-party software, make better buying decisions, and manage the ongoing risk of operating complex systems and software.

The market landscape

To drive innovation and efficiency in critical business infrastructure, organizations consume systems and software from various suppliers. Their demand for better, faster technology drives increasing reliance on a complex software supply chain for third-party components. While this software supply chain has many advantages, it also presents many security challenges:

  • Software as a patchwork: Virtually all software includes third-party components, including free and open source software (FOSS), commercial off-the-shelf code (COTS), and internally developed components, which are rarely sourced with security in mind and often contain vulnerabilities.
  • Deferred accountability: Consumers of software and systems often incorrectly assume that security and robustness are upstream responsibilities—and thus bear the risk of an unchecked software supply chain.
  • Ground zero for attacks: Vulnerable third-party software represents a weak link in the supply chain that provides a point of entry for attacks.

Product overview

Protecode SC is a binary and runtime code analysis solution that addresses the challenges of an increasingly complex and fragmented software supply chain. Protecode SC quickly identifies third-party and open source components, known vulnerabilities, license types, and other potential risk issues. Because Protecode SC analyzes binary code, as opposed to source code, it can scan practically any software or system, including desktop and mobile applications, embedded system firmware, and more.

Protecode SC at a glance

The power and versatility of Protecode SC are balanced by its intuitive user interface and ease of use.

Dashboard summary

Protecode SC's interactive dashboard provides a high-level overview of the composition and overall health of scanned software. The summary includes the following:

  • Software bill of materials (BoM): Protecode SC provides detailed information about each identified third-party component, including version, location, license obligations, known vulnerabilities, and more.
  • Vulnerability assessment: Protecode SC uses an advanced proprietary engine to provide enhanced, relevant information about each vulnerability from the NIST National Vulnerability Database (NVD), including the Common Vulnerabilities and Exposures (CVE) identifier and severity.
  • Open source licenses report.

Key features

With Protecode SC, you can analyze systems and software, without requiring access to source code, to identify weak links in your software supply chain quickly and easily.

  • Scan virtually any software or firmware in minutes. Gain visibility into essentially any software or firmware, including desktop and mobile applications, embedded system firmware, virtual appliances, and more.
  • No source code required. Simply upload the software you want to assess, and Protecode SC performs a thorough binary or runtime analysis in minutes. This black box technique emulates an attacker’s approach to detecting vulnerabilities.
  • Obtain a comprehensive BoM. Identify and catalog all third-party software components and licenses.
  • Manage your risk profile. Diagnose software health by identifying known vulnerabilities and licensing obligations within software components. Make informed decisions about the use and procurement of technology with realistic metrics.
  • Proactively combat code decay. Automatically receive alerts for newly discovered vulnerabilities in previously scanned software.
  • Enjoy a flexible delivery model. Protecode SC is available as a cloud-based service or an on-premises appliance.