Google OSV-Scanner - Vulnerability Detection for Dependencies When to Use OSV-Scanner Ideal scenarios: - Software Composition Analysis (SCA) - Dependency vulnerability scanning - License compliance checking - SBOM (Software Bill of Materials) analysis - Container image vulnerability scanning - Supply chain security assessment - CI/CD security gates for dependencies - Open source risk management Complements other tools: - Use alongside code scanners (Semgrep, CodeQL) for complete coverage - Combine with Depscan for enhanced SCA capabilities - Use with SARIF Issue Reporter for findings analysis…