This tool checks open source code against a vulnerability database. Offerings also include IDE integration and license and vulnerability identification (Docker and OCI images). New vulnerabilities trigger alerts in Slack, Jira or email. The API provides real-time security status.