opensca-cli
Description:
OpenSCA is a supply-chain security tool for security researchers and developers
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security sbom vulnerability supply-chain devsecops
Install: brew install opensca-cli
About:
OpenSCA CLI is a powerful tool designed to enhance software supply chain security by identifying vulnerabilities and license compliance issues in project dependencies. It supports multiple ecosystems and formats, including SBOM generation and analysis, enabling developers to proactively manage risks. The tool helps organizations adhere to security standards and best practices throughout the development lifecycle.
Key Features:
  • Multi-format SBOM generation and analysis (SPDX, CycloneDX)
  • Vulnerability detection for various ecosystems (Go, Java, Python, etc.)
  • License compliance checking
  • Software supply chain risk visualization
Use Cases:
  • CI/CD pipeline integration for automated security scanning
  • Auditing third-party dependencies for known vulnerabilities
  • Generating compliance reports for regulatory requirements
Alternatives:
  • syft – Syft focuses on generating SBOMs, while OpenSCA provides deeper analysis of vulnerabilities and compliance.
  • trivy – Trivy is a comprehensive scanner for containers and infra, whereas OpenSCA specializes in dependency and SBOM analysis.
Version History
Detected Version Rev Change Commit
Aug 12, 2024 10:08am 0 VERSION_BUMP 9ed4597b
Aug 12, 2024 4:14am 0 VERSION_BUMP f6eaee7a
Dec 25, 2023 1:56pm 0 VERSION_BUMP 4a303b71
Dec 21, 2023 1:53pm 0 VERSION_BUMP f13f1f33
Dec 18, 2023 4:15pm 0 VERSION_BUMP 24b8811c
Dec 15, 2023 11:26pm 0 VERSION_BUMP eea5c2a1