VulnDB Connector for GitHub

Used by: DevSecOps | Governance & Management

GitHub is a development platform inspired by the way you work. From open source to business, you can host and review code, manage projects, and build software alongside 40 million developers.

VulnDB and GitHub

VulnDB can automatically generate an Application that matches the dependencies used in your project. Please provide us with a name for your Application, and up to 3 dependency files. Currently, we support the following languages and file types:

• .NET:packages.config
• Java:pom.xml
• JavaScript:package-lock.json, yarn.lock, package.json
• PHP:composer.lock
• Python:requirements.txt, Pipfile, Pipfile.lock
• Ruby:Gemfile.lock

About VulnDB

VulnDB is the most comprehensive and timely vulnerability intelligence available and provides actionable information about the latest in security vulnerabilities via an easy-to-use SaaS Portal, or a RESTful API for easy integration into GRC tools and ticketing systems. VulnDB allows organizations to search on and be alerted to the latest vulnerabilities, both in end-user software and the third-party libraries or dependencies that help build applications.

A subscription to VulnDB provides organizations with simple to understand ratings and metrics on their vendors and products, and how each contributes to the organization’s risk-profile and cost of ownership.