Tool and Usage
Why this tool?
Not every application deployed in your environment is installed via a package manager. As your infrastructure grows, it becomes even harder to know which tools are properly patched and which are not. For Python applications, this is where Safety comes in: it helps scan software components installed via pip. It also looks at any of the dependencies that are installed.
How it works
To perform a scan, provide a Python requirements file or the output of 'pip freeze'. The installed components are then compared with a database. Different sources, like the changelog, are used to determine which package has a particular issue.
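The matching step described above, sketched as an added example (not Safety's own code or database): it parses 'pip freeze' style input and checks each pinned version against a small constructed advisory table. The package names, advisory ids and the numeric-only version parsing are assumptions made for illustration.

```python
import operator
import re

# Constructed advisory data for illustration only: names, ranges and ids are
# made up and do not come from Safety's database.
ADVISORIES = {
    "examplelib": [{"id": "EXAMPLE-0001", "affected": "<1.4.2"}],
    "demo-http": [{"id": "EXAMPLE-0002", "affected": ">=2.0,<2.3.1"}],
}
OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq}

def parse_version(text):
    """Simplified: plain dotted numeric releases only (no rc/dev/post)."""
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:  # treat 1.0 and 1.0.0 as equal
        parts.pop()
    return tuple(parts)

def normalize(name):
    """PEP 503 name normalisation, so Demo_HTTP matches demo-http."""
    return re.sub(r"[-_.]+", "-", name).lower()

def in_range(version, spec):
    """True when version satisfies every comma-separated clause of spec."""
    for clause in spec.split(","):
        op, bound = re.fullmatch(r"\s*(<=|>=|==|<|>)\s*([\d.]+)\s*", clause).groups()
        if not OPS[op](version, parse_version(bound)):
            return False
    return True

def scan(freeze_text):
    """Return (findings, skipped) for 'pip freeze' style input."""
    findings, skipped = [], []
    for raw in freeze_text.splitlines():
        line = re.sub(r"(^|\s)#.*", "", raw).strip()  # drop comments
        m = re.fullmatch(r"([A-Za-z0-9._-]+)==(\d+(?:\.\d+)*)", line)
        if not m:  # unpinned, editable (-e) or URL installs cannot be matched
            if line:
                skipped.append(line)
            continue
        name, version = normalize(m.group(1)), parse_version(m.group(2))
        for adv in ADVISORIES.get(name, []):
            if in_range(version, adv["affected"]):
                findings.append((name, m.group(2), adv["id"]))
    return findings, skipped

# Constructed sample input, shaped like 'pip freeze' output.
SAMPLE = ("ExampleLib==1.4.1\nDemo_HTTP==2.3.1\ndemo.http==2.0\nharmless==0.9\n"
          "-e git+https://example.invalid/repo.git#egg=localpkg\nunpinned>=1.0\n")
```

Entries returned in `skipped` were never compared with the advisory table, so a report with no findings says nothing about them.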
Usage and audience
Safety is commonly used for penetration testing, security assessment, security monitoring, or vulnerability scanning. Target users for this tool are developers, pentesters, and security professionals.
- Command line interface
- Integration with continuous integration/delivery (CI/CD)
- Tool allows multiple integrations
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 10 contributors
- + The source code of this software is available
Supported operating systems
Safety is known to work on Linux.
Several dependencies are required to use Safety.
Similar tools to Safety:
Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.
Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.