NPMScan is described as 'Security analysis tool for the JavaScript ecosystem. It scans npm packages for malicious behavior and supply chain risks that are often invisible to developers. The scanner inspects scripts, dependencies, encoded payloads, metadata, and common attack patterns used' and is an website in the security & privacy category. There are more than 25 alternatives to NPMScan, not only websites but also apps for a variety of platforms, including SaaS, Mac, Self-Hosted and Windows apps. The best NPMScan alternative is GitHub, which is free. Other great sites and apps similar to NPMScan are Artemis Security Scanner, Mend Renovate, Libraries.io and Aikido Security.
Git hosting service offering version control, collaboration, and project management tools. Provides issue tracking, code review through pull requests, wikis, and deployment workflows.
Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions.
Mend Renovate is a software product that helps developers automate dependency updates by identifying new package versions and delivering them to the application's codebase. It can generate pull requests and issues in the repository with details about the updates, including...
Discover open source libraries to use in your software projects and be notified of new releases to keep your applications up to date and secure.
Aikido Security is a developer-first software security platform. We scan your source code & cloud to show you which vulnerabilities are actually important to solve. Triaging is sped up by massively reducing false-positives and making CVEs human-readable.
Vulmon Alerts is how you proactively detect vulnerabilities. Subscribe to any query related to vulnerabilities and get alerted before hackers. Integrate vulnerability intelligence into your vulnerability management process.
Keep your dependencies on GitHub up to date without the automatic creation of the Pull Requests to update the dependency and checking for the known vulnerabilities.
https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Vulert notifies you if a SECURITY ISSUE is found in any of the open-source software you use. No installation needed.
Mend Bolt is designed to provide real-time security alerts and compliance issues related to your open source dependencies. It operates within Azure DevOps or GitHub, enabling you to identify and address open source vulnerabilities promptly.
Vulners is a high-quality correlated database of software vulnerabilities. Users can create a custom VM solution using our consolidated database through API, multiple vulnerability scanners, plugins, and many other security tools and integrations.
Depfu continuously updates your dependencies one at a time and creates a pull request with all the info you need. You stay in control.
United States
Poland
EU
Israel
United Kingdom
Denmark