Ship software without vulnerabilities

In the next three months ten new security problems will be found among the top opensource libraries. Use Meterian to make sure the software you are shipping is not open to known vulnerabilities.

About Samples

Supported by

The libraries your project is using can be flawed

Are you ready to take your chances?

(sample taken on 24/08/2017 - see the live list here)

The code developers write accounts for the 10% of the software shipped: the rest is composed of external libraries. There's a good chance one of such libraries, or one of its dependencies, contains a vulnerability, and those libraries are embedded in your product.

Use Meterian to introduce a transparent and automatic check to make sure your software does not expose your customers to known vulnerabilities, and if necessary use the provided tools to fix the problem easily and quickly. A client application is available for integration in your CI/CD pipeline, and badges are available for your opensource project.

Meterian scans your Java, Javascript, .NET, Scala, Ruby, PHP, Python and NodeJS projects.

For Opensource For Companies

For Opensource
Unbiased validation of your projects

Maintain a good reputation among users and contributors providing objective security reports.

Visible Badges

Provide visible proof that your projects are clear of known defects and are safe to use in production.

Fully Automated

Badges and reports are updated automatically: once added to your project page no further intervention is required.

Comprehensive Report

A complete assessment of every security and stability issue found, the steps to resolve it, and a full list of available upgrades.

Free For Open Source

We will provide to all the open source projects of the planet our security assessments for free, forever.

Documentation

Find out more about the Meterian specifics about language support, the usage of badges and the native integration with repository hosting services on the Meterian Documentation.

For Companies
Remove third party vulnerability risks

Increase the trust in your products by maintaining a continuous control over the security of the libraries you use.

CI/CD ready

Seamless integration into any existing continuous delivery pipeline using the client application. Scan any project without providing access to the source control system: try it now!

Technical Support

Make full use of our technical support to receive assistance in removing complex vulnerabilities. Included in Enterprise plans or available upon request.

License Risk Assessment

Enforce company software policies. Block or mitigate legal risks. in your software before release and early in your development process.

Comprehensive Report

Make it easy to audit your software supply chain. Identify component-specific issues and take action to fix, upgrade, resolve, mitigate or analyze further.

Documentation

Find out more about how Meterian can be integrated into your pipeline and the specifics about language support on the Meterian Documentation.

PLANS

Free

Unlimited open source projects
1 closed source project
10 analyses per day
HTML reports
No CI integration
No API access
No licence analysis
No team management
No support

FREE

Bootstrap

Unlimited open source projects
10 closed source projects
500 analyses per day
Text, HTML, JSON reports
CI integration
Basic API access
No licences analysis
No team management
Email support

£2000/year

Professional

Unlimited open source projects
100 closed source projects
5000 analyses per day
Text, HTML, JSON, PDF reports
CI integration
Full API access
Licence inventory
No team management
Email support

£7000/year

Enterprise

Unlimited open source projects
Unlimited closed source projects
Unlimited analyses per day
Custom report formats
CI integration
Full API access
Licence risk analysis
Team management
Email & phone support

Please read the FAQ for detailed information about our plans.

LIVE SAMPLES

Eclipse Vert.x

Eclipse Vert.x is a tool-kit for building reactive applications on the JVM. Vert.x is used by many different companies. It is event driven and non blocking, it lets your app scale with minimal hardware.

Current scores

See the full report!

Apache Struts

The Apache Struts web framework is a free open-source solution for creating Java web applications. It's used, among the others, by many Atlassian tools, which were affected in the early 2017 by a major security issue caused by an insecurity in Struts.

Current scores

See the full report!

Apache NiFi

Apache NiFi is an easy to use, powerful, and reliable system to process and distribute data. It is widely used in the BigData world to manage the ingestion of sources onto the Hadoop platform.

Current scores

See the full report!

Eclipse Jetty

Jetty is a lightweight highly scalable java based web server and servlet engine. It is a modern fully async web server easily embedded into applications while still offering a solid traditional distribution for webapp deployment.

Current scores

See the full report!

Eclipse Vert.x

Eclipse Vert.x is a tool-kit for building reactive applications on the JVM. Vert.x is used by many different companies. It is event driven and non blocking, easy to use, it lets your app scale easily with minimal hardware requirements.

Current scores

See the full report!

Apache Struts

Apache Struts is an open-source solution for creating Java web applications. It's used, among the others, by many Atlassian tools, which were affected in 2017 by a major security issue caused by an insecurity in Struts.

Current scores

See the full report!

Ship software without vulnerabilities

The libraries your project is using can be flawed