Soos provides a deep dependency tree scan for Ruby open source package vulnerabilities.
Ruby Vulnerability Scanner
cover your entire team for
Cover your entire team for only $99
per month
Scan your code
with a FREE TRIAL
No credit card required.
Find.
Prioritize.
Fix.
Monitor.
Prioritize.
Fix.
Monitor.
Ruby open source intelligence
and open source license
management for all your teams.
SOOS seamlessly integrates with your code repository, CI/CD pipeline and workflow management tools. Setup is fast and easy; you can start real-time scanning for open-source vulnerabilities in your Ruby project within minutes. Research and fix vulnerabilities and other security issues with integration into your CI/CD system of choice. 
SOOS supports integration with the following tools
SOOS supports vulnerability analysis in Ruby Gem Files. SOOS doesn’t look at your source code, but scans through the dependency metadata in your Gemfile to find security vulnerabilities and offer fixes.
The Gemfile formats that we currently support are:
- gemfile.lock (lock file)
- gemfile
TRY NOW FOR FREE
SOOS builds a deep dependency tree from your Gemfile, and checks everything against known vulnerabilities by monitoring the NVD CVE database as well as security advisories in GitHub. This means you won't miss any critical new warnings about the libraries/packages that your Ruby app relies on. Does your project use other open source libraries or packages? SOOS also supports vulnerability analysis for: Node/NPM, Python, Java/Maven and .NET