Explore 49 curated cybersecurity tools, with 15,190 visitors searching for solutions
SCA tool for detecting vulnerabilities & license risks in open-source deps
Software supply chain security platform with SCA, package firewall & threat intel
SCA tool detecting vulnerabilities in third-party libraries at runtime & build
DevSecOps platform for app security with SAST, DAST, SCA, and API testing
SCA tool for code scanning, license identification, and SBOM generation
SCA platform for managing open source vulnerabilities across SDLC
SCA tool for identifying vulnerabilities in open-source dependencies
Automated SCA tool for open source dependency management and vulnerability remediation
SCA tool for open source vulnerability detection and license compliance
Enterprise SCA tool for scanning & remediating vulnerable open source dependencies
Vulnerability detection dataset for declared & undeclared dependencies in code
OpenSCA Project is a dependency security scanner that runs in the browser.
SCA tool for vulnerability detection, malicious code identification & remediation
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
AI-native AppSec platform with SAST, SCA, container & dependency mgmt.
Data Theorem API Secure is an application security platform that combines SAST, DAST, IAST, and SCA testing methodologies to provide comprehensive security assessment and monitoring for APIs and modern applications throughout their development lifecycle.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
A command line tool that automates vulnerability scanning of Ruby gems and Rails stack components by identifying CVE vulnerabilities in detected technology versions.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance
Real-time OSINT monitoring for leaked credentials, data, and infrastructure