Understanding the need for automated open source dependency vetting
It has been estimated that Free and Open Source Software (FOSS) constitutes 70-90% of any given modern software solution (Source). Industry dependency on OSS will only increase, so security engineering teams need better tooling to consume OSS components safely.
vet solves the problem of OSS dependency vetting by providing policy-driven automated analysis of libraries. It can be seamlessly integrated with any CI tool or used in local environments.
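To make the idea of policy-driven dependency vetting concrete, here is an added example of the kind of check such a tool runs in a CI step; it is not vet's own code or policy format. The lockfile, advisory entries, licence map and advisory identifiers are all constructed for illustration, and the policy is plain data so the same check runs identically locally and in a pipeline.

```python
"""Toy policy-driven dependency vetting (illustration only, not vet's implementation)."""

# Constructed lockfile in requirements.txt style (name==version).
LOCKFILE = """\
requests==2.31.0
urllib3==1.26.5
pyyaml==5.3.1
"""

# Constructed advisory feed: package -> [(first_affected, first_fixed, placeholder_id)].
# These ranges and ids are made up for the example, not real advisory data.
ADVISORIES = {
    "urllib3": [("1.26.0", "1.26.18", "EXAMPLE-ADV-0001")],
    "pyyaml": [("0", "5.4", "EXAMPLE-ADV-0002")],
}
# Constructed licence metadata for the same packages.
LICENSES = {"requests": "Apache-2.0", "urllib3": "MIT", "pyyaml": "GPL-3.0-only"}

# The policy is data, not code: change it without touching the analysis.
POLICY = {"allowed_licenses": {"MIT", "Apache-2.0", "BSD-3-Clause"}, "fail_on_vulns": True}


def parse_version(v: str) -> tuple:
    """Numeric dotted versions only (enough for this example)."""
    return tuple(int(x) for x in v.split("."))


def parse_lockfile(text: str) -> dict:
    """Return {package_name: pinned_version}, skipping blanks and comments."""
    deps = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, ver = line.partition("==")
        deps[name.lower()] = ver
    return deps


def evaluate(deps: dict, policy: dict) -> list:
    """Apply every policy rule to every dependency; return human-readable violations."""
    violations = []
    for name, ver in deps.items():
        v = parse_version(ver)
        for lo, hi, adv in ADVISORIES.get(name, []):
            if policy["fail_on_vulns"] and parse_version(lo) <= v < parse_version(hi):
                violations.append(f"{name}=={ver}: affected by {adv} (fixed in {hi})")
        lic = LICENSES.get(name, "UNKNOWN")
        if lic not in policy["allowed_licenses"]:
            violations.append(f"{name}=={ver}: licence {lic} not in allowlist")
    return violations


def ci_exit_code(violations: list) -> int:
    """Non-zero exit fails the pipeline stage when any rule is violated."""
    return 1 if violations else 0


if __name__ == "__main__":
    found = evaluate(parse_lockfile(LOCKFILE), POLICY)
    print("\n".join(found) or "no policy violations")
    raise SystemExit(ci_exit_code(found))
```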