OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
security-audit
containers
dependency-analysis
vex
compliance
cve
sca
vulnerability-scanners
security-tools
devsecops
reachability-analysis
sbom
cyclonedx
supply-chain-security
risk-audit
dependency-audit
Updated Jun 4, 2024 - Python