Start Your First SourceClear Scan

SourceClear Software Composition Analysis

The SourceClear QuickStart guide helps you start scanning your projects to find vulnerabilities. When you scan a project, you can generate a report that tells you about libraries and vulnerabilities in your projects.

Before you begin

To start scanning, you must first download and install the SourceClear agent. TheSourceClear agent scans your code to identify open-source libraries to find vulnerabilities and provide a full comprehensive report.

About this task

To start your first scan:

Procedure

  1. Sign in to SourceClear.
  2. Enter your company name to create your personalized URL.
    Sign-In
  3. Choose to scan manually from your desktop.
    • homebrew
    • curl
    • apt-get
  4. Click the copy icon ([+]) to copy the commands.
  5. Paste the commands in a terminal.
    After you have finished the installation, you receive a success message.
  6. Run srcclr activate and generate a token to configure the agent.
    ConfigureAgent
  7. Scan your code or any example repo.
  8. Use the report URL from your scan output to view the report in the web platform.