-
Notifications
You must be signed in to change notification settings - Fork 310
Similar Tools
Martin Nonnenmacher edited this page Dec 29, 2022
·
1 revision
This is a lose (ever growing) collection of commercial tools that (partly) fulfill a similar purpose as ORT, might be competing to some extend, and / or for which ORT offers an integration.
| Tool (alphabetical order) | Comment |
|---|---|
| Black Duck SCA | Supports both "build detectors" and "buildless detectors". |
| BlackBerry Jarvis | Software composition analysis and security testing for embedded systems. |
| Cybellum | |
| Debricked | Uses SCANOSS for snippet scanning. |
| FOSSA | |
| FossID | Can use ORT for dependency analysis. Was acquired by Snyk. |
| Nexus IQ | Both "binary" and "manifest" analysis. and Also see the Sonatype OSS Index and Sonatype Lift. |
| Snyk | |
| WhiteSource |
This is a lose (ever growing) collection of Open Source tools that (partly) fulfill a similar purpose as ORT, esp. when it comes to dependency analysis, and / or for which ORT offers an integration.
| Tool (alphabetical order) | Comment | Capabilities (*) |
|---|---|---|
| Bibliothecary | Powers https://libraries.io/. | Dependency Analysis |
| Component Detection | Dependency Analysis | |
| Dependency-Check | Part of OWASP, companion to Dependency-Track. | Dependency Analysis |
| FOSSA-CLI / Spectrometer | Powers FOSSA. | Dependency Analysis (also see language strategies and supported languages) |
| FOSSLight Hub | Originally created by LG Electronics. | Dependency Analysis, License Scanning, Snippet Scanning, Vulnerability Reporting |
| it-depends | Dependency Analysis, Vulnerability Reporting | |
| LicenseFinder | Powers by default GitLab's license management. | Dependency Analysis, License Scanning |
| ScanCode | ORT's default scanner. | License Scanning |
| SCANOSS | First Open Source snippet scanner. | Snippet Scanning |
| Synopsys Detect | Formerly known as Black Duck Hub Detect. | Dependency Analysis |
(*) One or more of: Dependency Analysis, License Scanning, Snippet Scanning, Vulnerability Reporting
______________________________
/ \_______ \__ ___/ The OSS Review Toolkit, version 1.0.0.
| | | | _/ | |
| | | | | \ | | Running 'wiki' as 'ort' under Java on GitHub
\________/ |____|___/ |____| with a lot of CPUs and a maximum amount of memory.