Meterian


×
×


Your first scan

Add Meterian to your Github Action or add Meterian Badges into your Github project's README.

Docs Install Badges

Integrate Meterian on your Bitbucket pipeline

Docs Install

Install the Meterian plugin into your Azure DevOps project

Docs Install

Perform a scan via command line

Use the Meterian Thin client to run a scan from your command line

Docs Download

Perform an analysis of your project using the Meterian Dockerized Client

Docs Get

Scan your Docker container for known vulnerabilities using the Meterian Container Scanner

Docs Download

Use Meterian on CI

Meterian integrats with most of the CI platforms, grab an API token and follow the documentation

Tokens See all

Teams

Manage your organization teams and members in the easiest possible way.

Docs

SBoM

Easily keep track of your projects' Software Bill of Materials available in multiple formats

Docs

Auto remediations

Engages the autofix mechanism that automatically fixes problems detected during the analysis

Docs

Sentinel

Receive notifications about newly found vulnerabilities which are affecting libraries used on your projects

Docs

Got questions?

Have a look at the documentation, you might find the answer to your question in there

Docs

Get in touch and we will try to answer your question as soon as possible

Contact us

Enter public Github URL :


Select your private, public-marked, project to generate the badges:


Select your private project to generate the badges:


(This badge will be usable only on github.com)


 

For the security badge, please add this snippet to your README file:

[![security status]($baseurl/badge/gh/spring-projects/spring-boot/security)]($baseurl/report/gh/spring-projects/spring-boot)
                                            
                                        

For the stability badge, please add this snippet to your README file:

[![stability status]($baseurl/badge/gh/spring-projects/spring-boot/stability)]($baseurl/report/gh/spring-projects/spring-boot)
                                            
                                        

For the licensing badge, please add this snippet to your README file:

[![licensing status]($baseurl/badge/gh/spring-projects/spring-boot/licensing)]($baseurl/report/gh/spring-projects/spring-boot)
                                                
                                            

Protected by Meterian badge

Secured with Meterian badges, these badges are designed for our customers to display that they benefit from protection provided by Meterian.

<a href="https://meterian.io" target="_blank" >
<img src="https://meterian.io/images/brand/badge-light.svg"
style="width:550px"
/>
</a>

Existing authentication tokens

Token Name Team Actions
No tokens so far.

Poor
Average
Good
Perfect
Name Branch
No projects found for this selection.
No projects so far, please use the client:
  Reload projects
 

No dependencies so far, please use the client: If you already have projects please scan them again.
Dependency Critical High Medium Low
No dependencies found for this selection.

Your account members

This panel will allow you to link existing or new collaborators to your account to represent your current team. Based on their role they will be provided with a certain range of permissions as follows:
  • Adminstrator - can do anything on your account, including disabling it
  • Collaborator - can run analysis, apply ignore rules and view reports
  • Viewer - can view online reports only

Account members

Daily analysis usage

Add a new member:

Teams

Teams usage

You've reached your maximum teams allowance

Add a new team:

No team is currently selected.

Select a team from the menu.

This team has no members.

Add a new member

This team contains all the members of this account.

Only administrators can access this list.

Add a new member:

Account policies

No policies so far.

Description Severity Status Actions
User

The unique identifier of your account

This is the unique identifier of your account. It is used to identify your account

The name of your account

This is the name assigned to your account. It can be really anything it makes sense to you and, of course, it can be changed at any time.

The contact email of your account

This is the main contact email of your account, where you receive notification about people joining or leaving your account, changes made to your plan, and any other account-wide relevant information. You can change this email but you will need to follow a validation process: unless this is successful, the change will not be executed. Please contact our support email if you need any assistance.

Your account Github organization

By selecting an organization from this list, all the members of the specific Github organization will be automatically added to this Meterian account once they have performed their first login with Github.
You have to be an admin of both Github organization and Meterian account.

Support login token

This token can be used to allow a member of the Meterian support team to login in your behalf in the case you are experiencing issues within your account.
Simple generate or refresh the token and communicate it to a member of the Meterian support team.
The token automatically expires after 8 hours after its issue.

Notifications

Get notified if a project in your account becomes vulnerable. Activate the Meterian notification service here

The plan associated to your account

This is the plan associated to your account, and can be changed at any time but at the moment only by contacting our support email.
Upgrade

Disable your account

This will allow you to disable your account. Nothing will be lost, but you will need to contact our support email if you need to restore o completely delete your account. This is required in case you need to join, as a member, another account, as at this stage Meterian` does not support multiple accounts for the same user.

Experimental Mode

Experience all the features Meterian has to offer by enabling Experimental Mode. Some functionalities are still in development or testing, so full stability is not guaranteed as developers continue to refine these features.

You can disable Experimental Mode at any time.

Scratch codes for MFA

Generate scratch codes as backup for multi-factor authentication. Use a scratch code if your primary authentication method is unavailable and each code can be used once.

No scratch codes available

Credentials

To update your password, simply click the button below. You will be redirected to a secure page where you can follow the steps to change your password.



Phone number as for MFA

Configure a phone number to enable the use of SMS codes as a form of multi-factor authentication. This setup will allow you to receive a unique verification code via text message whenever you attempt to log into your account, adding an extra layer of security beyond your standard password.

Set up a phone number before enabling

MFA authenticator app

Configure an authenticator app to enable the use of time-based one-time passwords (TOTP) as a form of multi-factor authentication. This setup will allow you to generate a unique verification code via the app whenever you attempt to log into your account, adding an extra layer of security beyond your standard password.

Set up authenticator app

Meterian Dashboard
Notifications
Datadog
Azure
RKVST
Security Score Calculation
Calculation by CVSS The score starts at 100. For each vulnerability, points are deducted based on its CVSS score. The amount of points deducted is between 0 and 50: it's proportionate to the score of the vulnerability, that goes from 0 to 10. For example, a score of 9 will deduct 45 points, while a 1 will deduct 5 points. A suggestion will always deduct 0.25.
Calculation by Severity The score starts at 100, then:
  • each SUGGESTION deducts 0.25
  • each LOW deducts 5
  • each MEDIUM deducts 10
  • each HIGH deducts 20
  • each CRITICAL deducts 25
The minimum score is 0

Security Thresholds
EPSS 
%
CVSS
Severity
Enforce association member-tokens  
Severity level when no CVE is present
Severity level for unmaintained libraries
Severity level for unknown libraries
Ignore unstable versions  
Automatic temporary branches cleanup  



Minimum scores
Security
Stability
Licensing
Default projects time filter
Enter one or more regular expressions to identify .NET projects to be classified in test scope:


Enter one or more regular expressions to identify components to exclude from license analysis:


Analysis scopes
Security
Stability
Licensing

Production scopes

Manage RKVST configuration


Client id
Client secret

Allerta configuration
Languages Severity CVSS EPSS % Recepients  

Sentinel configuration
Notifications minimum threshold
Unmaintained libraries notifications  


Do not forget to confirm the changes
Credentials
API Key
Application Key
Host
Metrics
Number of vulnerabilities (by severity)
The scores of a project
The age of a vulnerability
Prefix
Branches
Tags
Automatic actions
Recompute the reports



Executions
There is no history of executions for this account
Send metrics now

                                                    
Send metrics now
AzureAD Group ID Meterian Team Name Actions


Your tags
This panel will allow you to create and manage your tags.
A tag can be used to configure the score threshold used by the client and the policies to apply to a project's licensing analysis.

There are currently no tags.  




Name Description

Create new tag