This documentation provides practical guidance for evaluating SCANOSS capabilities through proof-of-concept implementations. It covers hands-on testing scenarios across the SCANOSS core datasets: license compliance, cryptography detection and security vulnerabilities.
License Dataset - Test snippet detection, SBOM creation, component declaration workflows and license compliance using tools like SCANOSS-PY, pre-commit hooks and CI/CD integrations.Cryptography Dataset - Evaluate cryptographic algorithm detection capabilities through the SCANOSS API and command-line tools.Security Dataset - Explore vulnerability scanning and management using SCANOSS API, SBOM Workbench and Dependency Track integration.Process & Integrations - Learn how to integrate SCANOSS into your development workflow through GitHub Actions and establish policy management with Dependency Track.Each section includes step-by-step instructions, configuration examples and practical use cases to help you evaluate how SCANOSS fits your organisation’s needs.
Use the following diagram as a quick visual reference for how SCANOSS clients interact with the load balancer, scanning clusters and intelligence decoration services during proof-of-concept evaluations.
