OWASP Dependency-Check
Other tools ยท Free SCA, compliance-driven dependency audits
At a glance
| Pricing | Free |
| Setup effort | Medium |
| Released | 2012 |
| Open source | Yes |
| Interface | CLI / CI plugins |
| Languages | Java, .NET, JS, Python, Ruby, PHP, more |
| Hosting | Self-hosted |
| Category | Security scanning |
| Capabilities | SCA, NVD-backed CVE scanning, CI plugins (Maven, Gradle, Jenkins) |
What OWASP Dependency-Check does
SCA, NVD-backed CVE scanning, CI plugins (Maven, Gradle, Jenkins)
Best for
Free SCA, compliance-driven dependency audits
Works well with
LLM Provider / Model
Integration
Agent / Orchestration
Conflicts & caveats
No known compatibility conflicts detected.
Build a full stack around OWASP Dependency-Check โ Flowpicker shows compatibility warnings before you commit.
Open the stack planner โ