All integrations
SCA

SCA Integrations — Dependency & Container Scanning

Vulnerable dependencies are the fastest-growing share of most backlogs. Centraleyezer ingests SCA results from Trivy and Mend.io (WhiteSource) — CVEs in OS packages and language libraries, with installed and fixed versions preserved — so dependency risk is tracked, assigned and verified like every other finding instead of living in a separate report.

2 available now4 on the roadmap

Trivy

InfraSCA

Aqua Trivy open-source scanner for container images, filesystems, and IaC. JSON import covering OS packages and language library vulnerabilities.

Integration guide

Snyk Code

RoadmapSASTSCA

Snyk SAST and SCA findings import covering static code analysis (Snyk Code) and open-source dependency vulnerabilities (Snyk Open Source).

Mend.io (WhiteSource)

SCA

Mend.io (formerly WhiteSource) open-source vulnerability findings. JSON export import for centralised dependency risk tracking.

Integration guide

OWASP Dependency-Check

RoadmapSCA

OWASP Dependency-Check open-source SCA findings covering known vulnerable libraries in Java, .NET, Python, Node.js, and more.

Black Duck (Synopsys)

RoadmapSCA

Synopsys Black Duck SCA findings for open-source component vulnerabilities and licence risk across all major package managers.

JFrog Xray

RoadmapSCAInfra

JFrog Xray SCA and container security findings — covers binary components, Docker layers, and artefact dependencies across JFrog Artifactory.

Ready to connect your stack?

Book a demo and we'll walk through exactly how Centraleyezer fits into your existing tools.

SCA Integrations — Dependency & Container Scanning