Python Vulnerability Scanner
SOOS provides a deep dependency tree scan for Python open source package vulnerabilities for your entire team.
Unlimited Projects. Unlimited Users. Unlimited Scans.
No credit card is required.

Find. Prioritize. Fix. Monitor.
Python open source intelligence and open source license management for all your teams.
SOOS seamlessly integrates with your code repository, CI/CD pipeline, and workflow management tools. Setup is fast and easy so that you can start real-time scanning and fixing of your project’s Python open-source vulnerabilities in minutes.


SOOS supports vulnerability analysis for Python versions 2.7 and greater (including Python 3.9). SOOS doesn’t look at your source code; it processes data from your manifest files to look for vulnerabilities and implement fixes.
The following Python manifest file formats are currently supported:
- Pipfile.lock (lock file)
- poetry.lock (lock file)
- Pipfile
- pyproject.toml
- requirements.txt files that fit the expression: *req.*\\.txt
We support major programming languages.
SOOS builds a deep dependency tree from your manifest files and finds security vulnerabilities by monitoring the NVD CVE database, as well as GitHub issues data. That means you never miss critical warnings and issues relating to the open-source libraries and packages your software relies on. Is your product using other, non-Python open source libraries or packages? SOOS also supports vulnerability analysis for Node/NPM, Ruby, Java/Maven and .NET/NuGet.