Safety
Tool and Usage
Project details
- License: MIT
- Programming language: Python
- Author: Jannis Gebauer
- Latest release: 3.2.10
Why this tool?
Not every application deployed in your environment is installed via a package manager. As your infrastructure grows, it becomes even harder to know which tools are properly patched and which are not. For Python applications, this is where Safety comes in: it helps scan software components installed via pip, and it also looks at any of their dependencies that are installed.
How it works
To perform a scan, provide a Python requirements file or the output of 'pip freeze'. The components listed there are then compared with a database. Different sources, like the changelog, are used to determine which package has a particular issue.
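The comparison step described above, sketched as an added example; this is not Safety's own code, and the advisory table, its format, the package names and the `EXAMPLE-` ids are constructed for illustration. It assumes plain numeric versions pinned with `==` and reports lines it cannot check instead of passing them silently.

```python
import operator
import re

# Constructed advisory data (not Safety's database or its format):
# normalized package name -> [(affected version spec, advisory id)]
ADVISORIES = {
    "example-lib": [("<2.0.1", "EXAMPLE-0001")],
    "demo-framework": [(">=1.0,<1.4.2", "EXAMPLE-0002"), ("==3.0.0", "EXAMPLE-0003")],
}
# Constructed 'pip freeze' output.
FREEZE = """\
Example_Lib==1.9.0
demo.framework==1.4.2
unlisted-pkg==0.1
-e git+https://example.invalid/repo.git#egg=local_pkg
demo-framework==3.0
"""
OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq}
PIN = re.compile(r"([A-Za-z0-9][A-Za-z0-9._-]*)==(\d+(?:\.\d+)*)")
CLAUSE = re.compile(r"(<=|>=|==|<|>)\s*(\d+(?:\.\d+)*)")

def normalize(name):
    # pip treats '-', '_' and '.' in project names as equivalent, case-insensitively.
    return re.sub(r"[-_.]+", "-", name).lower()

def release(version):
    # Numeric release tuple; trailing zeros dropped so 3.0 equals 3.0.0.
    parts = [int(p) for p in version.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def matches(version, spec):
    # A spec is a comma-separated AND of clauses such as ">=1.0,<1.4.2".
    for clause in spec.split(","):
        op, bound = CLAUSE.fullmatch(clause.strip()).groups()
        if not OPS[op](release(version), release(bound)):
            return False
    return True

def scan(freeze_text):
    findings, skipped = [], []
    for line in (l.strip() for l in freeze_text.splitlines()):
        if not line or line.startswith("#"):
            continue
        pin = PIN.fullmatch(line)
        if not pin:
            skipped.append(line)  # editable/VCS/unpinned: cannot be compared
            continue
        name, version = normalize(pin.group(1)), pin.group(2)
        findings += [(name, version, adv) for spec, adv in ADVISORIES.get(name, [])
                     if matches(version, spec)]
    return findings, skipped
```

Calling `scan(FREEZE)` returns the matched advisories together with the lines that could not be compared, which need a separate review.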
Usage and audience
Safety is commonly used for penetration testing, security assessment, security monitoring, or vulnerability scanning. Target users for this tool are developers, pentesters, and security professionals.
Features
- Command line interface
- Integration with continuous integration/delivery (CI/CD)
- Tool allows multiple integrations
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- More than 10 contributors
- The source code of this software is available
Installation
Supported operating systems
Safety is known to work on Linux.
Dependencies
Several dependencies are required to use Safety.
- click
- packaging
- requests
- setuptools
Safety alternatives
Similar tools to Safety:
Archery
Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.
Dagda
Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.
OpenVAS
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Related tool information
Categories
This tool is categorized as a Linux vulnerability scanning tool, Python security tool, and vulnerability scanner.