vet

vet is an open source software supply chain security tool built for developers and security engineers to enforce policy-driven guardrails against risky open source packages. vet has a built-in code analysis engine to identify risky open source packages that actually impact an application. vet leverages SafeDep's malicious package scanning infrastructure to provide near real-time protection against malicious open source packages.

github.com/safedep/vet | safedep.io
pmg

Package Manager Guard (PMG) wraps popular package managers such as npm, pnpm, yarn, pip and more to proactively detect and prevent installation of malicious open source packages on developer machines.

github.com/safedep/pmg | safedep.io
xbom

xBOM is designed to build a contextual bill of materials for a given piece of software through static code analysis. While software composition analysis (SCA) tools build an SBOM for third-party OSS usage in an application, xBOM augments it with information about AI / Crypto / SaaS BOM.

github.com/safedep/xbom | safedep.io