How Xygeni works
Last updated
Last updated
The Xygeni platform is a cloud-based service, accessible via REST API, that keeps findings and metadata from different sources.
The , runs in your internal network and asses your infrastructure for different types of vulnerabilities (Visit for further info on available scanners).
Once the scan is done, you decide either to upload the results to the Xygeni servers (to see the results into the SaaS ) or keep the results locally for further processing.
The Xygeni platform is represented by the chart below:
Trends exploration, reporting, and platform administration, among other facilities are also displayed.
Xygeni provides integrations for running scans or uploading security issues, performing administrative operations, or exporting findings to communication and reporting tools.
Activity on public repositories is monitored by Xygeni so potential attacks could be detected early. Publishing new packages in popular public repositories is an example of an activity that is monitored by Xygeni. In addition, security advisories are ingressed for modelling new threats and malicious activity on the wild. Xygeni customers may receive alerts when a security issue may affect them.
Xygeni provides a command-line interface (CLI) for running the . The scanner can either run analysis commands separately, like detecting hardcoded secrets or misconfigurations, or run all the analyses at once.
The is java based and can be triggered directly from the , from any (Unix shell script, Windows batch, PowerShell script, etc.), from (pre-commit, pre-receive) or embedded into .
The scanner can be scan a , a , a or group of repositories and even a whole .
The Xygeni Scanner can be automatically installed into you repositories or manually embedded into your pipelines. Please visit and for further information.
Scanner findings can be inspected in the , downloaded via Xygeni , in several formats (csv, json, etc...) and also create (Jira, GitHub) or opening (Slack) to notify your team about an issue.
See for further detail
The is the web user interface for showing the results of the scans. The dashboard provides a summary security posture and the breakdown of security issues at the global, group or project levels.
See for further detail
The is the central element in the platform. All elements in the platform use the API as a backbone for reporting findings and receiving the processed information for integration into Xygeni tools, third-party plugins and integrations or any custom integration for organizations.
See for further detail
See and for further detail
See and for further details.