Skip to main content

Community and language coverage

The Spectra Assure platform supports a variety of communities, programming languages, and associated file formats. A specific set of features is available for each of those categories.

The lists of supported communities and programming languages can be found in the tables below.

For every supported community and programming language, the tables cover the following information:

  • Community Support/Programming language - the supported communities, programming languages, and frameworks
  • Code Analysis - the supported file formats and environments on which Spectra Assure products can perform static analysis
  • Packages - the supported package formats, libraries, and package managers
  • Dedicated Policies - indicates if there are dedicated Spectra Assure policies for the community/language
  • Threat Detection - indicates if the Spectra Assure platform identifies threats targeting the community/language
  • Behavioral Analysis - indicates if the Spectra Assure platform performs code intent analysis
  • Known Vulnerabilities - indicates if the Spectra Assure platform detects publicly disclosed vulnerabilities (CVE)

Community coverageโ€‹

Community SupportCode AnalysisPackagesDedicated PoliciesThreat DetectionBehavioral AnalysisKnown Vulnerabilities
WindowsCompiled code
  • PE: x86, arm, chpe
Library code
  • LIB
  • Windows (MSI, MSIX, APPX, WIM)
  • Installers (NSIS, InnoSetup, InstallShield, Wise, Actual Installer, Advanced Installer, DreamShield, Install Anywhere, WiX Toolset, SFX Archives)
  • Documents (Microsoft Office, CHM, RTF, CRTF)
  • Multimedia (BMP)
โœ”๏ธ1โœ”๏ธโœ”๏ธโœ”๏ธ2
LinuxCompiled code
  • ELF: x86, arm, mips
Library code
  • A/AR
  • Debian (DEB, UDEB)
  • RedHat (RPM, DRPM)
  • Alpine (APK)
  • Documents (OpenOffice, LibreOffice, PDF, HTML)
  • Multimedia (GIF, PNG, JPEG, TIFF, SVG)
โœ”๏ธ1โœ”๏ธโœ”๏ธโœ”๏ธ
MacCompiled code
  • MachO: x86, arm, ppc
  • MacOS (PKG, DMG, Universal)
โŒโœ”๏ธโŒโŒ
DevelopmentCI/CD and IDE plugins
  • VSCode (VSIX)
  • Jenkins (HPI)
โŒโœ”๏ธโœ”๏ธโœ”๏ธ
ContainersContainer images
  • Universal (ISO, UDF)
  • Windows (VHD:MBR NTFS/FAT/EXT)
  • Linux (OCI, LXD)
  • Docker (TAR)
  • Kaniko (TAR)
โœ”๏ธโœ”๏ธโœ”๏ธโœ”๏ธ

Language coverageโ€‹

NOTE

The --- symbols indicate that either no packages for the programming language are supported, or the feature is not applicable to the programming language.

Programming LanguageCode AnalysisPackagesDedicated PoliciesThreat DetectionBehavioral AnalysisKnown Vulnerabilities
C/C++Compiled code
  • PE: x86, arm, chpe
  • ELF: x86, arm, mips
  • MachO: x86, arm, ppc
---
โœ”๏ธ1โœ”๏ธโœ”๏ธโœ”๏ธ2
.NET (C#, F#, VB.NET)Compiled bytecode
  • CLR
  • NuGet (NUPKG)
โŒโœ”๏ธโœ”๏ธโœ”๏ธ
Visual BasicSource code
  • HTA, VBS, VBE, VBA
Compiled code
  • PE: x86, pcode
---
โœ”๏ธ1โœ”๏ธโœ”๏ธโŒ
DelphiCompiled code
  • PE: x86
---
โœ”๏ธ1โœ”๏ธโœ”๏ธโŒ
PythonPython Source
  • PY
Compiled bytecode
  • PYC
  • Wheel (WHL)
  • PyProject (Poetry, Flit, Setuptools)
  • Installers (Py2ExeInstaller, PyInstaller, PYZ)
โŒโœ”๏ธโœ”๏ธโœ”๏ธ
Node.jsSource code
  • JS
Compiled code
  • Electron
  • NPM (TGZ)
  • Electron (AppImage, ASAR)
โŒโœ”๏ธโœ”๏ธโœ”๏ธ
RubySource code
  • RB
  • RubyGems (GEM)
โŒโœ”๏ธโŒโœ”๏ธ
GoCompiled code
  • PE: x86, arm
  • ELF: x86, arm
  • MachO: x86, arm, ppc
---
โœ”๏ธ1โœ”๏ธโœ”๏ธโœ”๏ธ
RustCompiled code
  • PE: x86, arm
  • ELF: x86, arm
  • MachO: x86, arm, ppc
  • Cargo (TGZ)
โœ”๏ธ1โœ”๏ธโœ”๏ธโœ”๏ธ
JavaCompiled bytecode
  • CLASS
  • Scala
  • Maven (JAR, WAR)
โŒโœ”๏ธโœ”๏ธโœ”๏ธ
JavaScriptSource code
  • HTA, JS, JSE, TypeScript
Browser extension
  • XPI, OEX, CRX
---
โŒโœ”๏ธโœ”๏ธโŒ
AutoItSource code
  • AU3
Compiled code
  • PE: x86
---
โœ”๏ธ1โœ”๏ธโœ”๏ธ---
PowerShellSource code
  • BAT
  • PS
---
โŒโœ”๏ธโœ”๏ธ---
ShellSource code
  • SH
---
โŒโœ”๏ธโœ”๏ธ---
  1. Windows and Linux mitigation checks in compiled binaries onlyโ†ฉ
  2. Vulnerabilities in statically linked libraries onlyโ†ฉ