Software Risk Manager Deployment Options

Software Risk Manager has several deployment options, depending on your AppSec environment and requirements. The most common SRM deployment options are as follows:
  • Data aggregation
  • Tool orchestration (requires the SRM Tool Orchestration module deployed on Kubernetes)
  • SRM coupled with SAST (requires the SRM Scan Farm module deployed on Kubernetes)
  • SRM coupled with SCA (requires the SRM Scan Farm module deployed on Kubernetes)
  • SRM coupled with SAST and SCA (requires the SRM Scan Farm module deployed on Kubernetes)

Data Aggregation from Multiple Sources

Software Risk Manager supports a large and growing list of tool connectors that can be used to collect and aggregate data from multiple sources. In addition to providing risk assessment detail for each finding, SRM provides policy violation management, dashboards, and a host of other features. For this deployment option, SRM is installed as a standalone product in a Windows or Linux environment.

Data Aggregation with Tool Orchestration

SRM with tool orchestration enables AppSec teams to build their own custom pipeline and orchestrate all scanning from a central location. If a required tool isn't currently supported, teams can configure any commercial or open-source tool to work with SRM. This option requires the SRM Tool Orchestration module and a Kubernetes deployment.

Software Risk Manager Coupled with SAST

This deployment option allows teams to run Coverity (SAST) scans seamlessly with SRM. This option requires the SRM Scan Farm module deployed on Kubernetes.

Software Risk Manager Coupled with SCA

This deployment option allows teams to run Black Duck (SCA) scans seamlessly with SRM. This option requires the SRM Scan Farm module deployed on Kubernetes.

Software Risk Manager Coupled with SAST and SCA

This deployment option allows teams to run Coverity (SAST) and Black Duck (SCA) scans seamlessly with SRM. This option requires the SRM Scan Farm module deployed on Kubernetes.