Meterian: Secure your software vulnerabilities

I confirm that I will use Meterian Services for my trade, business, craft or professional purposes only and understand that my personal data will be handled subject to the Meterian Terms and Conditions and Privacy Policy.

Your first scan

Add Meterian to your Github Action or add Meterian Badges into your Github project's README.

Docs Install Badges

Integrate Meterian on your Bitbucket pipeline

Docs Install

Install the Meterian plugin into your Azure DevOps project

Docs Install

Perform a scan via command line

Use the Meterian Thin client to run a scan from your command line

Docs Download

Perform an analysis of your project using the Meterian Dockerized Client

Docs Get

Scan your Docker container for known vulnerabilities using the Meterian Container Scanner

Docs Download

Use Meterian on CI

Meterian integrats with most of the CI platforms, grab an API token and follow the documentation

Tokens See all

Teams

Manage your organization teams and members in the easiest possible way.

Docs

SBoM

Easily keep track of your projects' Software Bill of Materials available in multiple formats

Docs

Auto remediations

Engages the autofix mechanism that automatically fixes problems detected during the analysis

Docs

Sentinel

Receive notifications about newly found vulnerabilities which are affecting libraries used on your projects

Docs

Got questions?

Have a look at the documentation, you might find the answer to your question in there

Docs

Get in touch and we will try to answer your question as soon as possible

Enter your project public Github URL to generate the badges:

^Optional

Select your private, public-marked, project to generate the badges:

^Optional

Select your private project to generate the badges:

^Optional

(This badge will be usable only on github.com)

For the security badge, please add this snippet to your README file:

[![security status]($baseurl/badge/gh/spring-projects/spring-boot/security)]($baseurl/report/gh/spring-projects/spring-boot)

For the stability badge, please add this snippet to your README file:

[![stability status]($baseurl/badge/gh/spring-projects/spring-boot/stability)]($baseurl/report/gh/spring-projects/spring-boot)

For the licensing badge, please add this snippet to your README file:

[![licensing status]($baseurl/badge/gh/spring-projects/spring-boot/licensing)]($baseurl/report/gh/spring-projects/spring-boot)

Protected by Meterian badge

Secured with Meterian badges, these badges are designed for our customers to display that they benefit from protection provided by Meterian.

<a href="https://meterian.io" target="_blank" >
   <img src="https://meterian.io/images/brand/badge-light.svg"
        style="width:550px"
   />
</a>

Existing authentication tokens

Token	Name	Team	Member	Created on	Expires at	Expired	Actions

No tokens so far.

Create a new token

Projects:

Multiselect

Enterprise Reports

View Metrics

Poor

Average

Good

Perfect

Name	Branch	Status	Language	Security	Stability	Licensing	Teams	Tags	Last Updated	Actions

No projects found for this selection.

No projects so far, please use the client:

see the introductory explanation of the client
see the client user's manual
download the latest client version here

Reload projects

Show issues only

Account statistics

Total components:
Vulnerable:
With license violation:
With missing license:

No dependencies so far, please use the client:

see the introductory explanation of the client
see the client user's manual
download the latest client version here

If you already have projects please scan them again.



Dependency	Version	Language	Critical	High	Medium	Low	Suggest	Violations	Warnings	Projects

No dependencies found for this selection.

Your account members

This panel will allow you to link existing or new collaborators to your account to represent your current team. Based on their role they will be provided with a certain range of permissions as follows:

Adminstrator - can do anything on your account, including disabling it
Collaborator - can run analysis, apply ignore rules and view reports
Viewer - can view online reports only

Account members

Daily analysis usage

Members:

Add a new member:

Name:

Email:

Role:

Teams

Teams usage

You've reached your maximum teams allowance

Add a new team:

Name:

Description:

No team is currently selected.

Select a team from the menu.

This team has no members.

Add a new member

This team contains all the members of this account.

Only administrators can access this list.

Add a new member:

Name:

Email:

Role:

Account policies

No policies so far.

Create a new policy

Multiselect

policies listed

Description	Severity	Tags	Language	Platform	Status	Actions

Account

User

The unique identifier of your account

This is the unique identifier of your account. It is used to identify your account

UUID:

The name of your account

This is the name assigned to your account. It can be really anything it makes sense to you and, of course, it can be changed at any time.

Name:

The contact email of your account

This is the main contact email of your account, where you receive notification about people joining or leaving your account, changes made to your plan, and any other account-wide relevant information. You can change this email but you will need to follow a validation process: unless this is successful, the change will not be executed. Please contact our support email if you need any assistance.

Email:

Your account Github organization

By selecting an organization from this list, all the members of the specific Github organization will be automatically added to this Meterian account once they have performed their first login with Github.
You have to be an admin of both Github organization and Meterian account.

Github Organization

Support login token

This token can be used to allow a member of the Meterian support team to login in your behalf in the case you are experiencing issues within your account.
Simple generate or refresh the token and communicate it to a member of the Meterian support team.
The token automatically expires after 8 hours after its issue.

Notifications

Get notified if a project in your account becomes vulnerable. Activate the Meterian notification service here

The plan associated to your account

This is the plan associated to your account, and can be changed at any time but at the moment only by contacting our support email.

Plan: Upgrade Buy Credits

Disable your account

This will allow you to disable your account. Nothing will be lost, but you will need to contact our support email if you need to restore o completely delete your account. This is required in case you need to join, as a member, another account, as at this stage Meterian` does not support multiple accounts for the same user.

Experimental Mode

Experience all the features Meterian has to offer by enabling Experimental Mode. Some functionalities are still in development or testing, so full stability is not guaranteed as developers continue to refine these features.

You can disable Experimental Mode at any time.

Credentials

To update your password, simply click the button below. You will be redirected to a secure page where you can follow the steps to change your password.

Change password

MFA Configuration

Email SMS App Backup codes

Authenticator app

SMS/Text messages

Backup codes

Configure multi-factor authentication (MFA) to strengthen your account’s security and keep it protected at all times. With MFA, you add an additional layer of defense beyond your password, requiring a second verification step when logging in from unfamiliar devices. This extra step helps safeguard your personal information and prevent unauthorized access, even if your password is compromised.

Meterian Dashboard

Notifications

Datadog

Azure

RKVST

Jira

Security Score Calculation

Calculation by CVSS The score starts at 100. For each vulnerability, points are deducted based on its CVSS score. The amount of points deducted is between 0 and 50: it's proportionate to the score of the vulnerability, that goes from 0 to 10. For example, a score of 9 will deduct 45 points, while a 1 will deduct 5 points. A suggestion will always deduct 0.25.

Calculation by Severity The score starts at 100, then:

each SUGGESTION deducts 0.25
each LOW deducts 5
each MEDIUM deducts 10
each HIGH deducts 20
each CRITICAL deducts 25

The minimum score is 0

Security Thresholds

EPSS
%

CVSS

Severity

Enforce association member-tokens

Severity level when no CVE is present

Severity level for unmaintained libraries

Severity level for unknown libraries

Ignore unstable versions

Automatic temporary branches cleanup

Protected branches regex
Temporary branches regex
Temporary branches lifetime in days

Minimum scores

Security

Stability

Licensing

Default projects time filter

Enter one or more regular expressions to identify .NET projects to be classified in test scope:

Enter one or more regular expressions to identify components to exclude from license analysis:

Analysis scopes

Security

Stability

Licensing

Production scopes

Manage RKVST configuration

Client id
Client secret

Allerta configuration

Languages	Severity	CVSS	EPSS %	Recepients

Sentinel configuration

Target branches for notifications

Notifications minimum threshold

Unmaintained libraries notifications

Do not forget to confirm the changes

Credentials

API Key

Application Key

Host

Metrics

Number of vulnerabilities (by severity)

The scores of a project

The age of a vulnerability

Prefix

At least one metric must be active

Branches

${feedbackMessage}

Meterian

New opensource project

Currently Scanning

Your first scan

Perform a scan via command line

Use Meterian on CI

Teams

SBoM

Auto remediations

Sentinel

Got questions?

Enter your project public Github URL to generate the badges:

Select your private, public-marked, project to generate the badges:

Select your private project to generate the badges:

For the security badge, please add this snippet to your README file:

For the stability badge, please add this snippet to your README file:

For the licensing badge, please add this snippet to your README file:

Protected by Meterian badge

Existing authentication tokens

Your account members

Account members

Daily analysis usage

Teams

Teams usage

Members of :

Account policies

The unique identifier of your account

The name of your account

The contact email of your account

Your account Github organization

Support login token

Notifications

The plan associated to your account

Disable your account

Experimental Mode

Credentials

Manage RKVST configuration