Socket is an AI-powered supply chain security tool that detects malicious and risky open-source packages before they enter your codebase. Unlike traditional SCA tools, Socket proactively analyzes package behavior to catch supply chain attacks, typosquatting, and obfuscated malware in real time.
Category: Security
Subcategory: Vulnerability Scanning
Free Tier: Free for public repositories
Paid Plans: Team from $10/developer/month, Enterprise pricing available
API Cost: Not available yet
Web App, API, CLI
Compliance data is community-sourced and may be incomplete or out of date. Always verify certifications directly with the vendor's official trust or security page before relying on them.
Self-hostable: No
Malicious package detection, Supply chain attack prevention, Dependency risk assessment, CI/CD security integration, GitHub PR security checks
