Integrate open source vulnerability information across your development toolchain with pre-built tools and applications.
Ahab is a tool to check for vulnerabilities in your apt- or yum-powered operating systems
Audits an NPM project
Audit.NET is a Visual Studio extension that highlights NuGet package dependencies with security vulnerabilities
Dependency vulnerability auditor for PHP
A Cargo subcommand for reporting on vulnerable dependencies
Serving Open Source Components Since 2002
Find vulnerabilities in Ruby gems
Cheque helps you by finding all libraries used by your C/C++ projects and retrieving known vulnerabilities.
OWASP Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities.
Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
Sonatype DepShield is a GitHub App used by developers to identify and remediate vulnerabilities in their open source dependencies.
Open-source, cross-platform, multi-purpose security auditing tool
Find package vulnerabilities in Golang binaries
Dependency audit plugin for Gradle
An OSS Index integration to check your Conda environments for vulnerable Open Source packages
Dependency audit plugin for Maven
Use Maven-Enforcer plugin to ban vulnerable dependencies from inclusion in project builds.
A tool to check for vulnerabilities in your Golang dependencies
Audit Python packages for known vulnerabilities
A suite of tools to assist with reviewing Open Source Software dependencies.
Find vulnerabilities in R packages
Scan your libraries against either the free OSS Index vulnerability database or the Sonatype Nexus IQ Server.