Google OSV-Scanner - Vulnerability Detection for Dependencies

When to Use OSV-Scanner

Ideal scenarios:

• Software Composition Analysis (SCA)
• Dependency vulnerability scanning
• License compliance checking
• SBOM (Software Bill of Materials) analysis
• Container image vulnerability scanning
• Supply chain security assessment
• CI/CD security gates for dependencies
• Open source risk management

Complements other tools: