0
I Use This!
Very High Activity
Analyzed about 2 hours ago. based on code collected about 20 hours ago.

Project Summary

Dependency-Track is a continuous SBOM analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track support SBOM, SaaSBOM, HBOM, VDR, and VEX in the OWASP CycloneDX format.

Tags

cicd CycloneDX devops devsecops EO14028 HBOM inventory SaaSBOM SBOM security securityscanner SPDX vulnerability-management vulnerability-scanner vulnerabilityscanner

In a Nutshell, OWASP Dependency-Track...

GNU General Public License v3.0 or later
Permitted

Commercial Use

Modify

Distribute

Place Warranty

Use Patent Claims

Forbidden

Sub-License

Hold Liable

Required

Distribute Original

Disclose Source

Include Copyright

State Changes

Include License

Include Install Instructions

These details are provided for information only. No information here is legal advice and should not be used as such.

Project Security

Vulnerabilities per Version ( last 10 releases )

There are no reported vulnerabilities

Project Vulnerability Report

Security Confidence Index

Poor security track-record
Favorable security track-record

Vulnerability Exposure Index

Many reported vulnerabilities
Few reported vulnerabilities

Did You Know...

  • ...
    in 2016, 47% of companies did not have formal process in place to track OS code
  • ...
    by exploring contributors within projects, you can view details on every commit they have made to that project
  • ...
    65% of companies leverage OSS to speed application development in 2016
  • ...
    check out hot projects on the Open Hub
About Project Security

Languages

XML
56%
Java
40%
8 Other
4%

30 Day Summary

Apr 23 2024 — May 23 2024

12 Month Summary

May 23 2023 — May 23 2024
  • 3950 Commits
    Up + 519 (15%) from previous 12 months
  • 63 Contributors
    Down -18 (22%) from previous 12 months