Meterian

Back-end & Platform Engineering Technology Enabler

Meterian is the innovative solution for application security that continuously analyzes source code to identify and mitigate vulnerabilities in open source components, guaranteeing the protection of the software supply chain. The main languages supported are Java, Go, .NET/C#, JavaScript, Node.js, Python, PHP and Rust.

Thanks to its ability to integrate seamlessly into existing workflows, Meterian is the ideal choice for companies that want to perform security analysis continuously and without interrupting development.
Meterian also offers a complete solution for managing the security and compliance of open source licenses in every software project, enabling the development of more secure and compliant applications.

Bitrock has been a Partner of Meterian since 2024, offering companies a complete and cutting-edge solution for application security. Thanks to in-depth analysis of open source dependencies, we promptly identify and mitigate vulnerabilities, guaranteeing continuous protection of IT infrastructures and accelerating development times.

OVERVIEW

Open Source Security Management verifies that the use of open source components in the project complies with the corresponding licenses. This is done through the plug-and-play DevSecOps solution, an integrated security platform that automates security activities in the application development cycle, with security scans and direct code analysis to detect vulnerabilities.

License Compliance Management automatically identifies the terms and conditions associated with the open source components of the libraries used, to ensure compliance and avoid risks such as the forced release of proprietary code or heavy fines.

Meterian integrates into existing development processes without the need to access the source code. It generates comprehensible reports to quickly identify and resolve problems. Moreover, it identifies vulnerabilities in infrastructure as code (IaC) templates, guarding against the risk of infrastructure violations. Last but not least, it provides a data feed on vulnerabilities, supplied through an on-premise security DB that does not require active internet connectivity, with an associated API-based service and a web interface for exploring it.

Solutions

Meterian offers a complete suite of tools for application security and compliance. The main solutions include:

  • BOSS: for analyzing the source code and composition of software
  • BOSSC: for analyzing container images
  • ISAAC: for scanning and configuring infrastructure as code (IaC)
  • KIWI: provides a data feed on vulnerabilities

Use Cases

The Meterian suite includes advanced static code analysis capabilities to identify vulnerabilities and applies uniform best practices across development teams. It also generates detailed security reports with risk scores and precise recommendations for prioritising necessary interventions. This integrated and systematic approach ensures effective security management throughout the software development cycle, allowing companies to maintain high security standards without slowing down the development process.

HEALTHCARE

In scenarios where maintaining data confidentiality is a priority, such as protecting medical patient data, Meterian performs continuous code scans to prevent vulnerabilities that could compromise sensitive data, enabling companies to develop secure software at an early stage.

CI/CD PIPELINE

Meterian integrates effectively into CI/CD pipelines to perform in-depth automatic scans of software dependencies, providing real-time alerts on vulnerabilities and implementing pre-deployment security checks to ensure secure releases. The solution also excels in managing license compliance through automatic scans that prevent potential legal conflicts and generate comprehensive documentation for compliance.

DEPENDENCY MANAGEMENT

The system proactively identifies obsolete or problematic packages, suggesting necessary updates and detecting potential conflicts that could compromise the stability of the applications. DevSecOps integration allows security practices to be incorporated directly into the development process, with automated gates and team collaboration tools that facilitate the management of security issues.

Ask our Bitrockers

Franco Geraci

Head of Engineering

Simone Esposito

Team Lead Engineering