GitHub - eclipse/steady: Analyses your Java and Python applications for open -source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Open Source Security and Dependency Management | Sonatype
Introducing the Open Source Insights Project | Google Open Source Blog
Slizaa
Vulnerability management in dependencies in CI / CD environments with Open Source tools | BBVA
Automate dependency analytics with GitHub Actions | Red Hat Developer
Top 12 Open Source Code Security Tools - Spectral
Open Source Compliance and Security - FossID
Slizaa
FOSSLight | Open Source Governance with FOSSLight
Checkov 2.0 Launches as the First Open-Source Cloud Infrastructure Scanner With Dependency Awareness - Digital IT News
Bytesafe Javascript Dependency Checker | Bytesafe
Open Source Detection | Synopsys
Top 12 Open Source Code Security Tools - Spectral
2021 State of the Software Supply Chain: Open Source Security and Dependency Management Take Center Stage
Open Source Detection | Synopsys
Analyzing the Impact of Open Source Dependencies
10 Best Application Dependency Mapping Tools: Free, Open Source, & Paid - DNSstuff
Top 12 Open Source Code Security Tools - Spectral
OWASP - Dependency Check
Open Source CMDB | The APM Blog | AppDynamics
Dependency Check Guide on Finding Vulnerabilities in Open-source Software
New Google tool reveals dependencies for open source projects - Help Net Security
