SonarQube - SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Snyk - Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
Dependabot - Automated dependency updates for your Ruby, Python, JavaScript, PHP, .NET, Go, Elixir, Rust, Java and Elm.
WhiteSource - Find & fix security and compliance issues in open source libraries in real-time.
Checkmarx - The industry’s most comprehensive AppSec platform, Checkmarx One is fast, accurate, and accelerates your business.
WhiteSource Bolt - WhiteSource Bolt is a free developer tool for finding and fixing open source vulnerabilities. WhiteSource Bolt has an app on GitHub, as well as an extension for Azure Devops