CoPilot is a publicly-facing free application that allows owners of open source projects on GitHub to monitor security risk associated with used components as part of their Git Flow development process.
CoPilot supports a variety of CI/CD tools such as Travis and a variety of languages including Java, C#, Ruby, Scala, R and many others. Watch this brief video to learn how to set up and use CoPilot, plus a demo to help you understand how you can use this non-intrusive security risk assessment to demonstrate that you are responsible producers of open source software.
CoPilot also provides insight into the security vulnerabilities before merging them back into the main branch through pull request integration. Before you approve a pull request, CoPilot informs you which components will be added or removed, and how that affects your security risk level.
Try CoPilot out today to get an at-a-glance view of the security risk discovered in your GitHub project - plus how to mitigate that risk.