Overview

The FlexNet Code Insight extension allows development teams to easily integrate open source scanning into their build process by performing the following functions:

• scans materials in your build environment
• automatically discovers all open source components in your build
• automatically creates tasks in Code Insight (with optional external JIRA work items) for any non-compliant items based on your configured policies
• continuous monitors your bill of materials and generates alerts for any new security vulnerabilities

#About FlexNet Code Insight FlexNet Code Insight helps development, legal and security teams to reduce open source security risk and manage license compliance with an end-to-end system. It is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk, while you build your products and during their lifecycle. Manage open source license compliance. And add automation to your processes and implement a formal OSS strategy and policy that balances business benefits and risk management.

Contact us for more information about FlexNet Code Insight

Get Started with the FlexNet Code Insight Extension

Follow the steps below to configure your FlexNet Code Insight extension:

1. Setup FlexNet Code Insight server.
2. Create a project of type = "Inventory Only".
3. Obtain an Authentication token for your account.
4. Install the extension by clicking on "Get it free" button above.
5. Navigate to your Visual Studio instance (https://companyname.visualstudio.com)
6. Select "Organization Settings" >> "Extensions". You should be able to see "FlexNet Code Insight Scan" extension here.
7. Navigate to 'Build' tab of your project and add the task "FlexNet Code Insight".
8. Enter your team’s values for FlexNet Code Insight Server, Authentication Token, and FlexNet Code Insight Project Name.
9. When you build your project, the scan will be automatically performed as part of the process.