OSV Scanner Integration Guide

Google open-source vulnerability scanner

Integrate OSV Scanner with Vulnetix. Scan dependencies against the OSV database with native SARIF and CycloneDX output.

CLI tool  ·  SARIF  ·  CycloneDX

Install & scan

$ go install github.com/google/osv-scanner/v2/cmd/osv-scanner@latest
$ osv-scanner scan -r --format sarif --output osv.sarif .

Run OSV Scanner in CI

Scan on every push and upload the results to Vulnetix:

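# Steps for a job in a workflow triggered on push
- name: Install OSV Scanner
  run: go install github.com/google/osv-scanner/v2/cmd/osv-scanner@latest
- name: Run OSV Scanner
  # osv-scanner exits non-zero when it finds vulnerabilities, which fails this step
  run: osv-scanner scan -r --format sarif --output osv.sarif .
- name: Upload to Vulnetix
  # always() lets the upload run even when the scan step failed on findings
  if: always()
  run: vulnetix upload --file osv.sarif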
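
An added example, not code from Vulnetix or the OSV Scanner project: a pre-upload check for the CI steps above that separates "scan ran and wrote a usable report" from "scan did not really run". It assumes OSV-Scanner's documented return codes (0 no known vulnerabilities, 1 vulnerabilities found, 128 no packages found, other values errors); the function names and the sample SARIF are constructed for illustration.

```python
import json

# Constructed sample: a minimal SARIF 2.1.0 log in the shape a scanner emits.
# Rule IDs are made up for illustration.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "osv-scanner", "rules": [
            {"id": "EXAMPLE-0001", "defaultConfiguration": {"level": "error"}},
            {"id": "EXAMPLE-0002"},
        ]}},
        "results": [
            {"ruleId": "EXAMPLE-0001", "message": {"text": "constructed"}},
            {"ruleId": "EXAMPLE-0002", "level": "note", "message": {"text": "constructed"}},
            {"ruleId": "EXAMPLE-0002", "message": {"text": "constructed"}},
        ],
    }],
})

def summarize_sarif(text):
    """Count results per effective SARIF level across all runs."""
    doc = json.loads(text)
    if doc.get("version") != "2.1.0" or not isinstance(doc.get("runs"), list):
        raise ValueError("not a SARIF 2.1.0 log")
    counts = {}
    for run in doc["runs"]:
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        defaults = {r["id"]: r.get("defaultConfiguration", {}).get("level")
                    for r in rules if "id" in r}
        for res in run.get("results") or []:
            # Explicit level wins, then the rule default, then SARIF's "warning".
            level = res.get("level") or defaults.get(res.get("ruleId")) or "warning"
            counts[level] = counts.get(level, 0) + 1
    return counts

def plan_upload(exit_code, sarif_text):
    """Map the scanner exit code and report text to (upload?, reason)."""
    if exit_code not in (0, 1):
        # 128 means nothing was scanned; do not report that as a clean result.
        return (False, "no packages found" if exit_code == 128 else "scanner error")
    try:
        counts = summarize_sarif(sarif_text)
    except (ValueError, TypeError, AttributeError):
        return (False, "unreadable SARIF")
    return (True, f"{sum(counts.values())} finding(s)")
```
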

Centralise OSV Scanner results in Vulnetix

Upload OSV Scanner's SARIF or CycloneDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
