Top 11 Open-Source Alternatives to OWASP Dependency-Check

OWASP Dependency-Check

OWASP dependency-check is open-source and can be used to scan Java and .NET applications via the CLI or using plugins.Read articles Continuous Security with OWASP Dependency Check and Integrating OWASP Dependency Check with Jenkins to CI/CD.

(0 reviews)

Post a review

Visit website Alternatives Status Page

Verify OWASP Dependency-Check Edit

Product categories

BitBucket Clean Code Code Analysis Code Coverage Code Quality Code Review Coding Developer Tools Open Source Security Security Monitoring Web Application Security

Summary

The top open-source alternatives to OWASP Dependency-Check are Snyk, SonarQube, and Dependency-Check. One of the criteria for ordering this list is the number of mentions that products have on reliable external sources. You can suggest additional sources through the form here.

Snyk Landing Page
1

Snyk

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
Pricing:
- Open Source
#Open Source #Security Monitoring #Security 104 social mentions
SonarQube Landing Page
2

SonarQube

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Pricing:
- Open Source
- Freemium
- Free Trial
- $150.0 / Annually
#Open Source #Code Review #Developer Tools 1 social mentions
Dependency-Check Landing Page
3

DC

Dependency-Check

Dependency-Check is a utility that identifies project dependencies and checks if there are any...
Pricing:
- Open Source
#Open Source #Security Monitoring #Security 17 social mentions
OWASP Dependency-Track Landing Page
4

OWASP Dependency-Track

OWASP Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows...
Pricing:
- Open Source
#Open Source #Security #Code Coverage 19 social mentions
FOSSA Landing Page
5

FOSSA

Open source license compliance and dependency analysis
Pricing:
- Open Source
#Open Source #Web Application Security #Security 8 social mentions
Semgrep Landing Page
6

Semgrep

Semgrep is a fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time.
Pricing:
- Open Source
#Security #Code Coverage #Code Quality 8 social mentions
CodeClimate Landing Page
7

CodeClimate

Code Climate provides automated code review for your apps, letting you fix quality and security issues before they hit production. We check every commit, branch and pull request for changes in quality and potential vulnerabilities.
Pricing:
- Open Source
#Code Review #Code Coverage #Code Quality 14 social mentions
SpotBugs Landing Page
8

SpotBugs

Static Application Security Testing (SAST)
Pricing:
- Open Source
#Web Application Security #Code Review #Security & Privacy 4 social mentions
ESLint Landing Page
9

ESLint

The fully pluggable JavaScript code quality tool
Pricing:
- Open Source
#Developer Tools #Code Coverage #Code Quality 265 social mentions
Cppcheck Landing Page
10

Cppcheck

Cppcheck is an analysis tool for C/C++ code. It detects the types of bugs that the compilers normally fail to detect. The goal is no false positives. CppCheckDownload cppcheck for free.
Pricing:
- Open Source
#Code Review #Code Coverage #Development 10 social mentions
Violinist.io Landing Page
11

Violinist.io

Automatically update your composer (php) dependencies
Pricing:
- Open Source
- Freemium
- Free Trial
- $10.0 / Monthly (5 private projects)
#Software Development #Security #PHP 1 social mentions