Integrations

Integrations

Use Flyingduck to compile a detailed inventory of all open-source libraries utilized within your applications. This facilitates transparency and compliance with software bill of materials (SBOM) standards. Conduct thorough scans to identify vulnerabilities present within integrated libraries, employing software composition analysis (SCA) methodologies to enhance security posture. Scan the source code to detect instances of hardcoded secrets, tokens, API keys, or credentials, thereby minimizing the risk of unauthorized access or data breaches.

Proactively identify and recommends the latest non-vulnerable versions of libraries, enabling users to safeguard against potential exploitation of known vulnerabilities. Track and address license violations in open-source components, supporting legal compliance efforts and mitigating associated risks. While this aspect is currently under development, it remains a crucial component of our roadmap to ensure comprehensive governance over software dependencies.

Flyingduck integrates seamlessly with a range of tools in your environment, enabling comprehensive security coverage for your entire tech stack. Our platform supports leading DevOps and cloud-native tools, as well as traditional security technologies, ensuring that potential vulnerabilities are identified and secured. With Flyingduck, enjoy consolidated security and complete visibility without the complexity of managing multiple tools.

In the Flyingduck portal, there is a dedicated page for integrations. On this page, you can view the available integrations for various tools. Flyingduck will only obtain read access to your code, repositories, and organization.

Quick Setup Checklist

CLI Mode

  • Read access to the repository
  • Repository cloned locally
  • Docker installed and running
  • Flyingduck API key generated

Workflows / Pipelines Mode

  • Admin access to the repository
  • Flyingduck API key generated
  • API key stored as an environment variable
  • Docker installed and running in the workflow environment

On-Premise VM (Runner with App Integration)

  • VM setup with Ubuntu 22.04 or 24.04
  • Minimum system requirements met (2 CPU cores, 8 GB RAM, 30 GB disk)
  • Docker installed and running on the VM
  • Admin access to the organization
  • Flyingduck API key generated

For detailed VM setup instructions, refer to the prerequisites section (opens in a new tab).

IntroductionCloud