Integrate open source vulnerability information across your development toolchain with pre-built tools and applications.


Audits an NPM project


Audit.NET is a Visual Studio extension that highlights NuGet package dependencies with security vulnerabilities

The Central Repository

Serving Open Source Components Since 2002

Dependency Check

OWASP Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.

Dependency Track

Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components.

Sonatype DepShield

Sonatype DepShield is a GitHub App used by developers to identify and remediate vulnerabilities in their open source dependencies.


Open-source, cross-platform, multi-purpose security auditing tool


Dependency audit plugin for Gradle


Dependency audit plugin for Maven

Maven Enforcer

Use Maven-Enforcer plugin to ban vulnerable dependencies from inclusion project builds.


A tool to check for vulnerabilities in your Golang dependencies


Audit Python packages for known vulnerabilities