Node.js Vulnerability Scanner
SOOS provides a deep dependency tree scan to detect open source security vulnerabilities in your Node.js project.
SCAN YOUR CODE
AND TRY FOR FREE!*
Unlimited Projects. Unlimited Users. Unlimited Scans.
No credit card is required.
Find. Prioritize. Fix. Monitor.
Node open source intelligence
and open source license
management for all your teams.
SOOS seamlessly integrates with your code repository, CI/CD pipeline and workflow management tools. Setup is fast and easy so that you can start real-time scanning for open-source Node.js vulnerabilities in minutes. Implement timely fixes with integration into your CI/CD system and workflow system of choice.
SOOS does not scan through your source code. SOOS analyzes the data in your Node.js manifest files, including development dependencies, to find existing security vulnerabilities in your open-source components.
The Node.js manifest formats that we currently support are
We support major programming languages.
SOOS builds a comprehensive database by following the deep dependency tree of any open source project to find reported vulnerabilities and remediations (including those found deep in open source code project repositories like Github security issues) which is used by SOOS’s cloud-based software vulnerability scanner. This means you don’t miss important warnings about libraries/packages you have included in your Node.js application.