Meterian Project Scanner

Meterian Project Scanner is a software composition analysis tool that scans web projects for vulnerable, outdated, or non-compliant components. It operates by crawling website contents — similar to a search engine crawler — to identify and classify dependent components based on their signatures, without performing load testing or penetration testing. The scanner can be run locally on a developer's machine or integrated into a CI/CD pipeline for continuous monitoring. It identifies security vulnerabilities, stability risks, and license compliance issues within dependent software components. For each component detected, it provides a list of known vulnerabilities, a complete upgrade path, and available license information. Reports can be generated in HTML, PDF, or JSON formats, making them suitable for distribution to legal counsel, CISOs, or for use within developer toolchains. Reports can be requested on-demand or generated continuously as part of an automated workflow. The tool performs non-invasive surface-level scanning — it does not require access to source code for its web-based scan mode, though a command-line scanner is available for deeper source code analysis. Each website is analysed only once per scan request. Scans typically complete within two minutes, with results accessible via a dashboard. Users can also request deletion of their reports after review.