SaaS BOM

At a glance: Review a list of all SaaS services referenced by your code. Understand precisely how and where these services are used so you can efficiently change SaaS references when necessary.

See the list of currently supported SaaS services.

Overview

SaaS BOM provides you with a detailed inventory of the SaaS services referenced by your code, including:

Name of the SaaS service and a link to its website
Service category (for example, logging, messaging, ticketing, etc.)
Repository (application) in which the reference was detected
The way in which the SaaS service is referenced by your code and its precise location (file and line number)

Why does it matter?

Consider the following scenario: Your development organization works in squads, developing app features independently. Some of these teams incorporate SaaS services into your code. These services work well in your product, helping it to process customer data more effectively and efficiently. However, because of the independent nature of your dev teams, there's no centralized list of the SaaS services referenced in your code.

Recently, a major SaaS provider experienced a data breach. If your code references that service, you need to act quickly to change your API tokens so that your customer data isn't compromised.

With SaaS BOM, you have exactly the information you need: Does your code reference that SaaS service? What are the precise locations in your code that need to be addressed?

Using SaaS BOM

In the summary table:

A specific SaaS service is listed once for each application in which it is detected.
For a single application, multiple references to the same SaaS service are listed in a single row, with each location listed separately in the Where found column.
Use the filters on the left side of the page to view specific information in the table according to your preferences.
Select a row to open detailed information at the bottom of the page, including a complete usage table in the Where found tab.

Reference types detected

OX detects the following types of references to SaaS services in your code:

Reference type	Details
	SDK declared as an application dependency
	SDK libraries imported into code in the files in which it will be used
	SDK libraries used in the code
	Token detected in the code
	Direct call to a SaaS API endpoint URL

Reference type

Details

SDK declared as an application dependency

SDK libraries imported into code in the files in which it will be used

SDK libraries used in the code

Token detected in the code

Direct call to a SaaS API endpoint URL

Supported SaaS services

OX detects the following SaaS services, with more added all the time:

Last updated 4 months ago

Overview

SaaS BOM provides you with a detailed inventory of the SaaS services referenced by your code, including:

Name of the SaaS service and a link to its website

Service category (for example, logging, messaging, ticketing, etc.)

Repository (application) in which the reference was detected

The way in which the SaaS service is referenced by your code and its precise location (file and line number)

Why does it matter?

Recently, a major SaaS provider experienced a data breach. If your code references that service, you need to act quickly to change your API tokens so that your customer data isn't compromised.

With SaaS BOM, you have exactly the information you need: Does your code reference that SaaS service? What are the precise locations in your code that need to be addressed?

Using SaaS BOM

In the summary table:

A specific SaaS service is listed once for each application in which it is detected.

For a single application, multiple references to the same SaaS service are listed in a single row, with each location listed separately in the Where found column.

Use the filters on the left side of the page to view specific information in the table according to your preferences.

Click the button to export the full or filtered table as a CSV file.

Select a row to open detailed information at the bottom of the page, including a complete usage table in the Where found tab.

Reference types detected

OX detects the following types of references to SaaS services in your code:

Reference type	Details
Dependency	SDK declared as an application dependency
Import	SDK libraries imported into code in the files in which it will be used
SDK usage	SDK libraries used in the code
Token/secret	Token detected in the code
Direct API call	Direct call to a SaaS API endpoint URL

Reference type

Details

Dependency

SDK declared as an application dependency

Import

SDK libraries imported into code in the files in which it will be used

SDK usage

SDK libraries used in the code

Token/secret

Token detected in the code

Direct API call

Direct call to a SaaS API endpoint URL