This is the official documentation website for safedep.io. Here you will find everything you need to know about using SafeDep vet and SafeDep Cloud to safeguard your application against open source software supply chain risks.

What is SafeDep vet?

SafeDep vet is a free, open-source next-generation software composition analysis (SCA) tool. It can be used in development, CI/CD, and production environments to protect against risky open source components. It is built in public at safedep/vet.

What is SafeDep Cloud?

SafeDep Cloud is a cloud operated service that provides a control plane for managing SafeDep vet along with additional services such as SBOM management, near real-time malicious package detection and more.

What’s Next?

Quick Start with vet

Start identifying OSS risks using our free, open-source tool

SafeDep Cloud

Scale risk governance across your entire organization

Integration Guides

Integrate with GitHub, GitLab, and other CI/CD platforms

Join Community

Connect with other security engineers and get support

Why Open Source Security Matters

It has been estimated that Free and Open Source Software (FOSS) constitutes 70-90% of any given piece of modern software solutions.
With this level of dependency on open source, security teams need automated tools to safely consume OSS components without slowing down development velocity.