Versatile, comprehensive dependency security scanning
Safety CLI can be used on developer machines to scan individual requirements files or perform system-wide scans on developer machines, CI/CD pipelines, and Production systems to detect vulnerable or malicious dependencies.
Developers and DevSecOps are alerted to the presence of vulnerabilities in Safety Platform and in Safety CLI, complete with fix recommendations to minimize the effort required to remove vulnerabilities from your software supply chain.
What is considered safe today may not be tomorrow.
Safety CLI utilizes up-to-date vulnerability data from the industry’s most comprehensive database of vulnerabilities and malicious packages, alerting teams to new risks and attack vectors as they emerge.
Industry-leading Vulnerability Data.
Clear, Actionable Remediation and up to 90% Reduction in Vulnerability Noise.
Get clear and actionable fix recommendations (or even an automated fix pull request), all powered by PyUp's leading Dependency Vulnerability Database.
Whether using our integrated GitHub tools or Safety CLI scanner to secure your Python environments, we give you clear, actionable fix and upgrade recommendations for dependencies that have security vulnerabilities.
Safety reduces vulnerability noise by up to 90% by combining severity, exploitability, package health, and reachability.
End-to-End: Developer Machine, CI/CD Pipeline and Production Scanning
Safety CLI can be used on developer machines to scan individual requirements files or perform system-wide scans, CI/CD pipelines, and Production systems to detect vulnerable or malicious dependencies and alert developers and DevSecOps to their presence.
Moreover, Safety CLI provides fix recommendations and even includes a fix command to minimize the effort required to remove vulnerabilities from your software supply chain.
Deployed in minutes.
Runs in seconds.
Built by developers for developers, Safety CLI can be set up in minutes, fits into any existing workflow, and can be easily deployed to large development teams.
By enabling developers to make informed, security-based decisions earlier in the development lifecycle, the overhead on DevSecOps and infrastructure teams is significantly reduced.
Testing Safety CLI is as simple as running two commands. Using these instructions will perform a scan using our non-commercial database.
For commercial use and a free 7-day trial of Safety, please contact us.
Safety Platform Integration
Safety CLI is Enterprise-ready and can be deployed as a cloud service or on-premise.
All scans are sent to a central dashboard in Safety Platform where findings can be reviewed by the developer who ran the scan or any team members with access to that project.
All findings are presented in the context of your environment and scored using a combination of measures, including severity, package health, reachability, and exploitability.
The 'safety system-scan' command is designed to scan an entire machine to find all Python projects and environments on that machine. It finds all requirements.txt files, Poetry and Pipenv files on the machine, as well as Python environments and Python versions on that machine.
What customers are saying
And we have loved it.
The Future of Software Supply Chain Security
Can be deployed to large teams with complex project setups with ease. Build to scale with your organization and can be deployed on-premise or cloud.
Developers can easily leverage Safety CLI without manually distributing API keys. Safety also supports SAML-based authentication for enterprise customers, ensuring full control over license distribution and access.
Direct, transitive, and recursive dependency installations across developer machines, CI/CD pipelines, Git source control management (GitHub, GitLab, Bitbucket), and Production systems. Empower your development teams with powerful security capabilities directly within their familiar environment.
Output from scans includes detailed research, notes, and recommendations. The Safety Cybersecurity Intelligence Team assesses and monitors hundreds of thousands of dependencies to provide developers with insights to make informed decisions.
Identify and fix vulnerabilities at the developer machine level before they reach CI/CD or production. Safety CLI 3.0 introduces the 'safety system-scan' command for full system scans, reporting any packages with known vulnerabilities or malicious activities.