
OWASP Dependency-Track
- Free • Open Source
- Mac
- Windows
- Linux
- Self-Hosted
What is OWASP Dependency-Track?
Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components. Dependency-Track takes a unique and highly beneficial approach by leveraging the capabilities of Software Bill of Materials (SBOM). This approach provides capabilities that traditional Software Composition Analysis (SCA) solutions cannot achieve.
Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in Continuous Integration (CI) and Continuous Delivery (CD) environments.
OWASP Dependency-Track information
Supported Languages
- English
GitHub repository
- 1,758 Stars
- 425 Forks
- 552 Open Issues
Tags
- bom-management
- nvd
- owasp
- software-security
- sca
- license-policy
- security-policy
- spdx
- security-utilities
- appsec
- bill-of-materials
- cyclonedx
- vulndb
- component-analysis
- Software composition analysis
- package-url
Category
- Security & Privacy
List containing OWASP Dependency-Track
- OpenSource
Recent user activities on OWASP Dependency-Track
- alohalex thinks Dependency Track SaaS is an alternative to OWASP Dependency-Track
- alohalex liked OWASP Dependency-Track
- YourSky_blue thinks Dependency Track SaaS is an alternative to OWASP Dependency-Track