Dependency Scanning
Browse 53 dependency scanning tools
FEATURED
SCA tool that scans open-source dependencies for vulnerabilities and malware
SCA tool that scans open-source dependencies for vulnerabilities and malware
Software supply chain security platform detecting malware in dependencies
Software supply chain security platform detecting malware in dependencies
Detects malicious open-source packages across SDLC using 410K+ package database
Detects malicious open-source packages across SDLC using 410K+ package database
SCA tool for identifying & remediating open-source vulnerabilities & risks
SCA tool for identifying & remediating open-source vulnerabilities & risks
SCA tool for detecting vulnerabilities & license risks in open-source deps
SCA tool for detecting vulnerabilities & license risks in open-source deps
Software supply chain security platform with SCA, package firewall & threat intel
Software supply chain security platform with SCA, package firewall & threat intel
SCA tool detecting vulnerabilities in third-party libraries at runtime & build
SCA tool detecting vulnerabilities in third-party libraries at runtime & build
DevSecOps platform for app security with SAST, DAST, SCA, and API testing
DevSecOps platform for app security with SAST, DAST, SCA, and API testing
SCA tool for code scanning, license identification, and SBOM generation
SCA tool for code scanning, license identification, and SBOM generation
SCA platform for managing open source vulnerabilities across SDLC
SCA platform for managing open source vulnerabilities across SDLC
SCA tool for identifying vulnerabilities in open-source dependencies
SCA tool for identifying vulnerabilities in open-source dependencies
Automated SCA tool for open source dependency management and vulnerability remediation
Automated SCA tool for open source dependency management and vulnerability remediation
Enterprise SCA tool for scanning & remediating vulnerable open source dependencies
Enterprise SCA tool for scanning & remediating vulnerable open source dependencies
Vulnerability detection dataset for declared & undeclared dependencies in code
Vulnerability detection dataset for declared & undeclared dependencies in code
OpenSCA Project is a dependency security scanner that runs in the browser.
OpenSCA Project is a dependency security scanner that runs in the browser.
SCA tool for vulnerability detection, malicious code identification & remediation
SCA tool for vulnerability detection, malicious code identification & remediation
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
AI-native AppSec platform with SAST, SCA, container & dependency mgmt.
AI-native AppSec platform with SAST, SCA, container & dependency mgmt.
Code quality and security platform with SAST, SCA, and AI-powered remediation
Code quality and security platform with SAST, SCA, and AI-powered remediation
Code security and quality platform with SAST, SCA, DAST, and AI code protection
Code security and quality platform with SAST, SCA, DAST, and AI code protection
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
