SaaS BOM

At a glance: Review a list of all SaaS services referenced by your code. Understand precisely how and where these services are used so you can efficiently change SaaS references when necessary.

See the list of currently supported SaaS services.

Overview

SaaS BOM provides you with a detailed inventory of the SaaS services referenced by your code, including:

  • Name of the SaaS service and a link to its website

  • Service category (for example, logging, messaging, ticketing, etc.)

  • Repository (application) in which the reference was detected

  • The way in which the SaaS service is referenced by your code and its precise location (file and line number)

Why does it matter?

Consider the following scenario: Your development organization works in squads, developing app features independently. Some of these teams incorporate SaaS services into your code. These services work well in your product, helping it to process customer data more effectively and efficiently. However, because of the independent nature of your dev teams, there's no centralized list of the SaaS services referenced in your code.

Recently, a major SaaS provider experienced a data breach. If your code references that service, you need to act quickly to change your API tokens so that your customer data isn't compromised.

With SaaS BOM, you have exactly the information you need: Does your code reference that SaaS service? What are the precise locations in your code that need to be addressed?

Using SaaS BOM

In the summary table:

  • A specific SaaS service is listed once for each application in which it is detected.

  • For a single application, multiple references to the same SaaS service are listed in a single row, with each location listed separately in the Where found column.

  • Use the filters on the left side of the page to view specific information in the table according to your preferences.

  • Select a row to open detailed information at the bottom of the page, including a complete usage table in the Where found tab.

Reference types detected

OX detects the following types of references to SaaS services in your code:

Reference typeDetails

SDK declared as an application dependency

SDK libraries imported into code in the files in which it will be used

SDK libraries used in the code

Token detected in the code

Direct call to a SaaS API endpoint URL

Supported SaaS services

OX detects the following SaaS services, with more being added all the time:

Last updated

Copyright ©2024 OX Security. All rights reserved.