SOOS

Modern AppSec

Java Vulnerability Scanner

Soos provides a deep dependency tree scan for Java open source package vulnerabilities and licenses.

SCAN YOUR CODE
AND TRY FOR FREE!*

Unlimited Projects. Unlimited Users. Unlimited Scans.
No credit card is required.

Sign up now
lock & key

Find. Prioritize. Fix. Monitor.

Java open source intelligence
and open source license
management for all your teams.

SOOS seamlessly integrates with your code repository, CI/CD pipeline and workflow management tools. Setup is fast and easy; you can start real-time scanning for Java open-source vulnerabilities in minutes. Monitor and fix vulnerabilities with integration into your CI/CD workflow.

laptop
tablet

SOOS supports vulnerability analysis in Java projects built with Maven.

SOOS doesn’t look at your source code–we process project resources and dependencies from project manifest files in the following formats:

  • pom.xml
  • .pom

Integrations

Ruby Logo
.NET Logo
JavaScript Logo
PHP Logo
Gradle Logo
Rust Logo
Dart Logo
Homebrew Logo
Elixir Logo
Erlang Logo

We support major programming languages.

Java LogoJava
Python LogoPython
Ruby LogoRuby
.NET Logo.NET
JavaScript LogoJavaScript
PHP LogoPHP
Gradle LogoGradle
Rust LogoRust
Dart LogoDart
Homebrew LogoHomebrew
Elixir LogoElixir
Erlang LogoErlang

SOOS builds a deep dependency tree from your Maven POM file and checks everything against known vulnerabilities by monitoring vulnerability reporting databases as well as security advisories in GitHub. This means you won’t miss any critical warnings or newly documented issues in the libraries/packages that your software relies on. Is your product using other non-Java/MAVEN open source libraries or packages? SOOS also supports vulnerability analysis for: Node/NPM, Ruby, Python and .NET/NuGet.

Don’t ignore your open source code any longer

Sign up now