Skip to content

Commit 3ac9b02

Browse files
new Library Inventory topic for Code Security (#32967)
1 parent e7c51a1 commit 3ac9b02

File tree

10 files changed

+227
-55
lines changed

10 files changed

+227
-55
lines changed

config/_default/menus/main.en.yaml

Lines changed: 54 additions & 54 deletions
Original file line numberDiff line numberDiff line change
@@ -3112,256 +3112,251 @@ menu:
31123112
parent: containers
31133113
identifier: containers_autoscaling
31143114
weight: 2
3115-
- name: Remediation
3116-
url: containers/bits_ai_kubernetes_remediation
3117-
parent: containers
3118-
identifier: containers_autoscaling
3119-
weight: 3
31203115
- name: Docker and other runtimes
31213116
url: containers/docker/
31223117
parent: containers
31233118
identifier: containers_docker
3124-
weight: 4
3119+
weight: 3
31253120
- name: APM
31263121
url: containers/docker/apm/
31273122
parent: containers_docker
31283123
identifier: containers_docker_apm
3129-
weight: 401
3124+
weight: 301
31303125
- name: Log collection
31313126
url: containers/docker/log/
31323127
parent: containers_docker
31333128
identifier: containers_docker_log
3134-
weight: 402
3129+
weight: 302
31353130
- name: Tag extraction
31363131
url: containers/docker/tag/
31373132
parent: containers_docker
31383133
identifier: containers_docker_tag
3139-
weight: 403
3134+
weight: 303
31403135
- name: Integrations
31413136
url: containers/docker/integrations/
31423137
parent: containers_docker
31433138
identifier: containers_docker_integrations
3144-
weight: 404
3139+
weight: 304
31453140
- name: Prometheus
31463141
url: containers/docker/prometheus/
31473142
parent: containers_docker
31483143
identifier: containers_docker_prometheus
3149-
weight: 405
3144+
weight: 305
31503145
- name: Data Collected
31513146
url: containers/docker/data_collected/
31523147
parent: containers_docker
31533148
identifier: containers_docker_data_collected
3154-
weight: 406
3149+
weight: 306
31553150
- name: Kubernetes
31563151
url: containers/kubernetes/
31573152
parent: containers
31583153
identifier: containers_kubernetes
3159-
weight: 5
3154+
weight: 4
31603155
- name: Installation
31613156
url: containers/kubernetes/installation
31623157
parent: containers_kubernetes
31633158
identifier: containers_kubernetes_installation
3164-
weight: 501
3159+
weight: 401
31653160
- name: Further Configuration
31663161
url: containers/kubernetes/configuration
31673162
parent: containers_kubernetes
31683163
identifier: containers_kubernetes_configuration
3169-
weight: 502
3164+
weight: 402
31703165
- name: Distributions
31713166
url: containers/kubernetes/distributions
31723167
parent: containers_kubernetes
31733168
identifier: containers_kubernetes_distributions
3174-
weight: 503
3169+
weight: 403
31753170
- name: APM
31763171
url: containers/kubernetes/apm/
31773172
parent: containers_kubernetes
31783173
identifier: containers_kubernetes_apm
3179-
weight: 504
3174+
weight: 404
31803175
- name: Log collection
31813176
url: containers/kubernetes/log/
31823177
parent: containers_kubernetes
31833178
identifier: containers_kubernetes_log
3184-
weight: 505
3179+
weight: 405
31853180
- name: Tag extraction
31863181
url: containers/kubernetes/tag/
31873182
parent: containers_kubernetes
31883183
identifier: containers_kubernetes_tag
3189-
weight: 506
3184+
weight: 406
31903185
- name: Integrations
31913186
url: containers/kubernetes/integrations/
31923187
parent: containers_kubernetes
31933188
identifier: containers_kubernetes_integrations
3194-
weight: 507
3189+
weight: 407
31953190
- name: Prometheus & OpenMetrics
31963191
url: containers/kubernetes/prometheus/
31973192
parent: containers_kubernetes
31983193
identifier: containers_kubernetes_prometheus
3199-
weight: 508
3194+
weight: 408
32003195
- name: Control plane monitoring
32013196
url: containers/kubernetes/control_plane/
32023197
parent: containers_kubernetes
32033198
identifier: containers_kubernetes_control_plane
3204-
weight: 509
3199+
weight: 409
32053200
- name: Data collected
32063201
url: containers/kubernetes/data_collected/
32073202
parent: containers_kubernetes
32083203
identifier: containers_kubernetes_data_collected
3209-
weight: 510
3204+
weight: 410
32103205
- name: Datadog CSI Driver
32113206
url: containers/kubernetes/csi_driver
32123207
parent: containers_kubernetes
32133208
identifier: csi_driver
3214-
weight: 511
3209+
weight: 411
32153210
- name: Data security
32163211
url: data_security/kubernetes
32173212
parent: containers_kubernetes
32183213
identifier: container_kubernetes_data_security
3219-
weight: 512
3214+
weight: 412
32203215
- name: Cluster Agent
32213216
url: containers/cluster_agent/
32223217
parent: containers
32233218
identifier: containers_cluster
3224-
weight: 6
3219+
weight: 5
32253220
- name: Setup
32263221
url: containers/cluster_agent/setup/
32273222
parent: containers_cluster
32283223
identifier: cluster_agent_setup
3229-
weight: 601
3224+
weight: 501
32303225
- name: Commands & Options
32313226
url: containers/cluster_agent/commands/
32323227
identifier: cluster_agent_commands
32333228
parent: containers_cluster
3234-
weight: 602
3229+
weight: 502
32353230
- name: Cluster Checks
32363231
identifier: containers_cluster_agent_clusterchecks
32373232
url: containers/cluster_agent/clusterchecks/
32383233
parent: containers_cluster
3239-
weight: 603
3234+
weight: 503
32403235
- name: Endpoint Checks
32413236
identifier: containers_cluster_agent_endpoint_checks
32423237
url: containers/cluster_agent/endpointschecks/
32433238
parent: containers_cluster
3244-
weight: 604
3239+
weight: 504
32453240
- name: Admission Controller
32463241
identifier: containers_cluster_agent_admission_controller
32473242
url: containers/cluster_agent/admission_controller/
32483243
parent: containers_cluster
3249-
weight: 605
3244+
weight: 505
32503245
- name: Amazon ECS
32513246
url: containers/amazon_ecs/
32523247
parent: containers
32533248
identifier: containers_amazon_ecs
3254-
weight: 7
3249+
weight: 6
32553250
- name: APM
32563251
url: containers/amazon_ecs/apm/
32573252
parent: containers_amazon_ecs
32583253
identifier: containers_amazon_ecs_apm
3259-
weight: 701
3254+
weight: 601
32603255
- name: Log collection
32613256
url: containers/amazon_ecs/logs/
32623257
parent: containers_amazon_ecs
32633258
identifier: containers_amazon_ecs_logs
3264-
weight: 702
3259+
weight: 602
32653260
- name: Tag extraction
32663261
url: containers/amazon_ecs/tags/
32673262
parent: containers_amazon_ecs
32683263
identifier: containers_amazon_ecs_tags
3269-
weight: 703
3264+
weight: 603
32703265
- name: Data collected
32713266
url: containers/amazon_ecs/data_collected/
32723267
parent: containers_amazon_ecs
32733268
identifier: containers_amazon_ecs_data_collected
3274-
weight: 704
3269+
weight: 604
32753270
- name: AWS Fargate
32763271
url: integrations/ecs_fargate/
32773272
parent: containers
32783273
identifier: ecs_fargate
3279-
weight: 8
3274+
weight: 7
32803275
- name: Datadog Operator
32813276
url: containers/datadog_operator
32823277
identifier: containers_datadog_operator
32833278
parent: containers
3284-
weight: 9
3279+
weight: 8
32853280
- name: Advanced Install
32863281
url: containers/datadog_operator/advanced_install
32873282
identifier: containers_datadog_operator_installation
32883283
parent: containers_datadog_operator
3289-
weight: 901
3284+
weight: 801
32903285
- name: Configuration
32913286
url: containers/datadog_operator/config
32923287
identifier: containers_datadog_operator_configuration
32933288
parent: containers_datadog_operator
3294-
weight: 902
3289+
weight: 802
32953290
- name: Custom Checks
32963291
url: containers/datadog_operator/custom_check
32973292
identifier: containers_datadog_operator_customchecks
32983293
parent: containers_datadog_operator
3299-
weight: 903
3294+
weight: 803
33003295
- name: Data Collected
33013296
url: containers/datadog_operator/data_collected
33023297
identifier: containers_datadog_operator_datacollected
33033298
parent: containers_datadog_operator
3304-
weight: 904
3299+
weight: 804
33053300
- name: kubectl Plugin
33063301
url: containers/datadog_operator/kubectl_plugin
33073302
identifier: containers_datadog_operator_kubectlplugin
33083303
parent: containers_datadog_operator
3309-
weight: 905
3304+
weight: 805
33103305
- name: Secret Management
33113306
url: containers/datadog_operator/secret_management
33123307
identifier: containers_datadog_operator_secretmanagement
33133308
parent: containers_datadog_operator
3314-
weight: 906
3309+
weight: 806
33153310
- name: DatadogDashboard CRD
33163311
url: containers/datadog_operator/crd_dashboard
33173312
identifier: containers_datadog_operator_crd_dashboard
33183313
parent: containers_datadog_operator
3319-
weight: 907
3314+
weight: 807
33203315
- name: DatadogMonitor CRD
33213316
url: containers/datadog_operator/crd_monitor
33223317
identifier: containers_datadog_operator_crd_monitor
33233318
parent: containers_datadog_operator
3324-
weight: 908
3319+
weight: 808
33253320
- name: DatadogSLO CRD
33263321
url: containers/datadog_operator/crd_slo
33273322
identifier: containers_datadog_operator_crd_slo
33283323
parent: containers_datadog_operator
3329-
weight: 909
3324+
weight: 809
33303325
- name: Troubleshooting
33313326
url: containers/troubleshooting/
33323327
parent: containers
33333328
identifier: containers_troubleshooting
3334-
weight: 10
3329+
weight: 9
33353330
- name: Duplicate hosts
33363331
url: containers/troubleshooting/duplicate_hosts
33373332
parent: containers_troubleshooting
33383333
identifier: containers_troubleshooting_duplicate_hosts
3339-
weight: 1001
3334+
weight: 901
33403335
- name: Cluster Agent
33413336
url: containers/troubleshooting/cluster-agent
33423337
parent: containers_troubleshooting
33433338
identifier: containers_troubleshooting_cluster_agent
3344-
weight: 1002
3339+
weight: 902
33453340
- name: Cluster Checks
33463341
url: containers/troubleshooting/cluster-and-endpoint-checks
33473342
parent: containers_troubleshooting
33483343
identifier: containers_troubleshooting_cluster_and_endpoint_checks
3349-
weight: 1003
3344+
weight: 903
33503345
- name: HPA and Metrics Provider
33513346
url: containers/troubleshooting/hpa
33523347
parent: containers_troubleshooting
33533348
identifier: containers_troubleshooting_hpa
3354-
weight: 1004
3349+
weight: 904
33553350
- name: Admission Controller
33563351
url: containers/troubleshooting/admission-controller
33573352
parent: containers_troubleshooting
33583353
identifier: containers_troubleshooting_admission_controller
3359-
weight: 1005
3354+
weight: 905
33603355
- name: Guides
33613356
url: containers/guide
33623357
parent: containers
33633358
identifier: containers_guide
3364-
weight: 11
3359+
weight: 10
33653360
- name: Processes
33663361
url: infrastructure/process
33673362
identifier: process
@@ -7187,6 +7182,11 @@ menu:
71877182
url: /security/code_security/software_composition_analysis/setup_runtime/compatibility/
71887183
parent: sca_setup_runtime
71897184
weight: 1
7185+
- name: Library Inventory
7186+
identifier: sca_library_inventory
7187+
url: /security/code_security/software_composition_analysis/library_inventory/
7188+
parent: software_composition_analysis
7189+
weight: 3
71907190
- name: Secret Scanning
71917191
identifier: sec_secret_scanning
71927192
url: /security/code_security/secret_scanning/

content/en/security/code_security/software_composition_analysis/_index.md

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,8 +59,15 @@ Click on a library with a vulnerability to open a side panel that contains infor
5959
<!-- {{< img src="code_security/software_composition_analysis/sca-violation.png" alt="Side panel for a SCA violation" style="width:80%;">}} -->
6060

6161
### Library inventory
62-
The Libraries [Inventory][8] helps you understand the list of libraries and its versions that are used in both your codebase and running on deployed services. For each library version, you can assess how often it is used, its license riskiness, and understand the health of each library (e.g. if it has reached EOL, if it is unmaintained, etc.)
6362

63+
The [Library Inventory][8] provides visibility into the third-party libraries detected across your codebase. Datadog collects this information from:
64+
65+
* **Static SCA**, which identifies all libraries referenced in your repositories, and
66+
* **Runtime SCA**, which detects libraries that are actually loaded and used by your services at runtime.
67+
68+
Use the Library Inventory to understand which dependencies you rely on, where they are used, and whether they contain known vulnerabilities or license risks.
69+
70+
To learn more about how the inventory is generated, how Static and Runtime data differ, and how to interpret the library details (usage, vulnerabilities, licenses, versions, and OpenSSF score), see [Library Inventory][14].
6471

6572
### Library vulnerability context in APM
6673
SCA enriches the information Application Performance Monitoring (APM) is already collecting by flagging libraries that match with current vulnerability advisories. Potentially vulnerable services are highlighted directly in the **Security** view embedded in the [APM Software Catalog][10].
@@ -101,3 +108,4 @@ The Vulnerability Explorer offers remediation recommendations for detected vulne
101108
[11]: https://app.datadoghq.com/security/appsec/vm/library
102109
[12]: https://app.datadoghq.com/ci/code-analysis
103110
[13]: /security/code_security/software_composition_analysis/setup_static/#upload-third-party-sbom-to-datadog
111+
[14]: /security/code_security/software_composition_analysis/library_inventory

0 commit comments

Comments
 (0)