We're pleased to announce a powerful new feature of our automated tool that becomes tangible in our platform's Supply chain section: Reachability.

The Supply chain section shows your application's affected and unaffected third-party dependencies. Now, you can more efficiently prioritize and address dependencies with security issues by knowing which ones have exploitable vulnerabilities.

Here's how it works:

• Focused analysis: Reachability, a feature working with SAST, analyzes your application's direct dependencies reported by our SCA to determine whether their known vulnerabilities are actually exploitable in your specific case.
• Clear prioritization: In the Supply Chain section, look for the "Reachable" tag in the Status column. If it's there, prioritize remediation efforts for those tagged dependencies.
• Detailed vulnerability insights: For each reachable security issue, you'll see the location of the vulnerability within your code and a link to the vulnerability table of the corresponding type. This will help you thoroughly understand the vulnerability and prioritize it effectively in relation to the other reported issues.
• Reduced noise: No more guessing games! Reachability cuts through the noise of potential vulnerabilities and highlights the ones that need immediate attention.

Currently supported languages:

• Javascript
• Typescript
• Python

Coming soon:

• Java
• C#

Start prioritizing your vulnerability remediation today!

Log in to our platform and explore the new Reachability feature in the Supply Chain section.