Insignary is the developer of Clarity, a specialized software composition analysis solution that enables DevSecOps to gain visibility into their software. By leveraging unique fingerprinting technology, Clarity scans software binaries, developed in-house or acquired from third-party vendors, for known security vulnerabilities, while also identifying license compliance issues.
Clarity scans for “fingerprints” from binary code to examine and then compare against the fingerprints collected from open source components in numerous open source repositories. Once a component and its version are identified through Clarity’s fingerprint-based matching, comparing them to more than 180,000 known security vulnerabilities catalogued in numerous databases, such as NVD and VulnDB, is straightforward.
Clarity’s fingerprinting technology eliminates the need for both source code and reverse engineering, yet provides more accurate results with less false positives than those offered by source code based scanning services. Our unique solution does not depend on CPU architecture or compiler, and is therefore able to support a greater range of files than can legacy binary scanners.
Insignary’s Clarity is available as both On-Premises and Cloud-based solutions, and offers RESTful API and Container/Docker options for easy and seamless integration with the existing DevSecOps’ CI/CD pipeline
Due to its unrivaled accuracy, flexibility, and extensive OSS coverage, Clarity has come to light as the optimal tool for customers with varying OSS management requirements, ranging from embedded software scanning to large scale IT infrastructure scanning.