SOOS

Modern AppSec

Node.js Vulnerability Scanner

SOOS provides a deep dependency tree scan to detect open source security vulnerabilities in your Node.js project.

SCAN YOUR CODE
AND TRY FOR FREE!*

Unlimited Projects. Unlimited Users. Unlimited Scans.
No credit card is required.

Sign up now
lock & key

Find. Prioritize. Fix. Monitor.

Node open source intelligence
and open source license
management for all your teams.

SOOS seamlessly integrates with your code repository, CI/CD pipeline and workflow management tools. Setup is fast and easy so that you can start real-time scanning for open-source Node.js vulnerabilities in minutes. Implement timely fixes with integration into your CI/CD system and workflow system of choice.

laptop
tablet

SOOS does not scan through your source code. SOOS analyzes the data in your Node.js manifest files, including development dependencies, to find existing security vulnerabilities in your open-source components.

The Node.js manifest formats that we currently support are

  • package.json
  • package.lock.json

Integrations

Ruby Logo
.NET Logo
JavaScript Logo
PHP Logo
Gradle Logo
Rust Logo
Dart Logo
Homebrew Logo
Elixir Logo
Erlang Logo

We support major programming languages.

Java LogoJava
Python LogoPython
Ruby LogoRuby
.NET Logo.NET
JavaScript LogoJavaScript
PHP LogoPHP
Gradle LogoGradle
Rust LogoRust
Dart LogoDart
Homebrew LogoHomebrew
Elixir LogoElixir
Erlang LogoErlang

SOOS builds a comprehensive database by following the deep dependency tree of any open source project to find reported vulnerabilities and remediations (including those found deep in open source code project repositories like Github security issues) which is used by SOOS’s cloud-based software vulnerability scanner. This means you don’t miss important warnings about libraries/packages you have included in your Node.js application.

Don’t ignore your open source code any longer

Sign up now