Cloudbase Sensor Adds Support for Java and Python

Cloudbase Inc. has enhanced its domestic CNAPP 'Cloudbase' by extending the Cloudbase Sensor functionality to support Java and Python package scanning. This strengthens vulnerability visualization across diverse execution environments.
新製品NQ 48/100出典:PR Times

📋 Article Processing Timeline

  • 📰 Published: April 7, 2026 at 22:10
  • 🔍 Collected: April 7, 2026 at 13:30
  • 🤖 AI Analyzed: April 20, 2026 at 21:44 (320h 13m after Collected)

Cloudbase Inc. (Headquarters: Minato-ku, Tokyo; CEO: Koya Iwasa) announces that it has expanded the functionality of its Cloudbase Sensor, part of its domestic CNAPP (CSPM, SBOM, Vulnerability Management) 'Cloudbase', to newly include scanning capabilities for Java and Python packages.

This adds support for major languages such as Java and Python, in addition to the existing Node.js. It powerfully promotes the visualization of application vulnerabilities regardless of the environment, from on-premises to private clouds.

 Development Background

In recent years, with the growing risk of software supply chain attacks, the importance of understanding software composition through SBOM (Software Bill of Materials) and vulnerability management has been increasing.

While Cloudbase previously supported visualization for Node.js, we received earnest feedback from customers on the ground. There was a need to 'continuously grasp risks across languages in a wide variety of execution environments.' We have sincerely addressed this issue and have now decided to add support for Java and Python. This will enable more comprehensive SBOM-based vulnerability management without burdening the teams on-site.

 Update Overview

Java Package Scanning Support

Cloudbase Sensor automatically detects and analyzes JAR files (.jar / .war / .ear / .par) on the target system to collect Java package information.

It can scan all JARs on the file system, independent of build tools like Maven or Gradle.

Furthermore, nested JARs contained within Spring Boot fat JARs are also recursively analyzed.

Information to be collected:

  •  Package name (groupId:artifactId)

  • Version

  • Path information

  • Hash value

Python Package Scanning Support

It analyzes Python package metadata (.dist-info / .egg-info, etc.) to automatically collect installed packages.

It visualizes across multiple environments, including virtual environments (venv), independent of package managers like pip, conda, or uv.

Information to be collected:

    Back to Newsroom (51)