OWASP Dependency-Check
OWASP dependency-check is open-source and can be used to scan Java and .NET applications via the CLI or using plugins.Read articles Continuous Security with OWASP Dependency Check and Integrating OWASP Dependency Check with Jenkins to CI/CD.
OWASP Dependency-Check Alternatives
The best OWASP Dependency-Check alternatives based on verified products, community votes, reviews and other factors.
Latest update:
-
SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
-
Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
-
Automated dependency updates for your Ruby, Python, JavaScript, PHP, .NET, Go, Elixir, Rust, Java and Elm.
-
The industry’s most comprehensive AppSec platform, Checkmarx One is fast, accurate, and accelerates your business.
-
WhiteSource Bolt is a free developer tool for finding and fixing open source vulnerabilities. WhiteSource Bolt has an app on GitHub, as well as an extension for Azure Devops
-
Find & fix security and compliance issues in open source libraries in real-time.
-
Automate your dependency updates
-
Dependency-Check is a utility that identifies project dependencies and checks if there are any...
-
Comprehensive docker security and container security. Full lifecycle protection, from vulnerability management to container native firewall solutions.
-
JFrog Xray is a universal software composition analysis (SCA) solution that natively integrates with Artifactory
-
Black Duck Software Composition Analysis (SCA) provides a solution for managing open source security, quality, and license compliance risks that comes from the use of open source and third-party code.
-
Get started with Google Chrome's built-in web developer tools.
-
Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.