Package Security
Browse 0 cybersecurity solutions, with 0 security professionals searching monthly
FEATURED
OpenSCA Project is a dependency security scanner that runs in the browser.
Detects foreign adversarial influence in open source software dependencies.
Identifies and helps remediate end-of-life open source dependencies.
AI-driven platform that patches OSS CVEs in-place without version upgrades.
Detects and blocks malicious/vulnerable open source packages in supply chains.
Database for researching & tracking open source components with safety scores.
Tool for searching, comparing, and evaluating open source dependencies.
Malware-resistant software libraries rebuilt from source for multiple languages
Software supply chain security platform detecting malware in dependencies
Detects malicious open-source packages across SDLC using 410K+ package database
Software supply chain security platform with SCA, package firewall & threat intel
npm-zoo is a curated database of known malicious NPM packages that helps developers and security researchers identify and avoid potentially harmful dependencies in their projects.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
A security tool that detects potential Dependency Confusion attack vectors by identifying private package names that are not reserved on public registries.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
