Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Integrates Dependency-Check reports into SonarQube

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

A Java library for calculating CVSSv2 and CVSSv3 scores and vectors

Allows importing of CVE Data from NVD into PostgreSQL. By taking in JSON data and converting it to a more usable relational dataset