The professional edition of Puma Scan. Enhanced features, fewer false positives, support options. License valid for one year, and renewed annually.
The Server Edition allows command line scanning and integration with your build server without the overhead of Visual Studio. Each Server license may be used on up to 3 build agents and includes 5 free End User licenses.
Plans starting at $4,999
The Build Agent package supports high volume build environments that have more than 3 build agents. Each Build Agent license supports scanning on 3 additional build agents and costs $1,000.
Plans start at $5,999 and up
To confirm that Puma Scan is installed correctly, can you clone our sample Puma Prey repository and verify that you are receiving diagnostic warnings in that solution.
Install only the Visual Studio Extension OR the NuGet package. Don't use both at the same time or Roslyn gets angry. This will only happen in the Community Edition.
The community edition rulesets are standalone security analyzers that are installed into Visual Studio. There is no communication back to the Puma Scan server to obtain rule updates at this time. We deliver rule updates and changes via patches and updates to the extension.
Yes, this is very important. See the installation instructions for more details.
The End User Edition allows software engineers to export Puma Scan results to an HTML report for easy viewing. The Visual Studio extension also supports exporting JSON formated results to allow custom parsing with JQ and integrating the results into other vulnerability management systems.
You can purchase the Server Edition by signing in and registering an account. This will take you through the appropriate steps to get the server license, plus 5 End User licenses downloaded and up and running.
Five End User Licenses are included with each Server Edition License. You have the option of purchasing additional Build Server Agents.
The Server Edition generates Puma Scan results in several formats. HTML for easily viewing Puma Scan results. JSON formatting allows custom parsing with tools such as JQ and integration with other vulnerability management systems. MSBuild formatting allows pipelines to processes the results and record vulnerabilities as build warnings or errors. Visual Studio Online (VSO) allows Puma Scan results to be added to the build warnings or errors when running as a VSTS build task.
It depends on the size and scope of the project. Smaller projects will see scan results in under a minute. Moderately sized projects may take a few minutes. Large monolith applications (e.g. > 50 projects in a single solution) have seen scan times between 45 and 90 minutes.
As soon as you commit your code, your build pipeline will kick off. Your build pipeline definition should contain the Puma Scan task to start the code scan.
This is the responsibly of your build pipeline. Each build should archive the artifacts (including the Puma Scan report data), allowing you to see the history and trending.
We do offer Professional Services support for teams requiring help. This can be done both both virtually and on-site at your location. Please Contact Us for a professional services quote.
The Puma Scan team would be happy to provide a custom quote for your Enterprise License request.
Enterprise licenses are set up to allow an unlimited number of End User licenses.
Enterprise licenses are set up to allow an unlimited number of Server licenses.
For Enterprise license agreements, we offer flexible payment options including quarterly, bi-annual or annual. Our team will work with you on a custom quote and payment agreement.
Contact Us to inquire about reseller discounts.
Your Enterprise license will come with a dedicated support engineer to help install, customize, and address ongoing issues. Our professional services support team can assist both virtually and on-site at your location.