OSS Index

Oct 2020

It's important for a development team to identify whether the dependencies of their application have known vulnerabilities. OSS Index could be used to achieve this goal. OSS Index is a free catalog of open-source components and scanning tools designed to help developers identify vulnerabilities, understand risk and keep their software safe. Our teams are already integrating this index into pipelines via different languages, including AuditJS and Gradle plugin. The speed is fast, vulnerabilities are identified accurately and few false positives occur.