Free version available for GitHub and as an extension for Azure DevOps.
Scans projects and detects open source components and license vulnerabilities.
Read Open Source Scanning in Visual Studio Team Services with WhiteSource Bolt.
Read Should we use npm audit, Whitesource Bolt, Whitesource, and/or other products?.
Ranked in these QuestionsQuestion Ranking
Pro Supports over 200 programming languages
Pro CI integration
The paid version supports Azure pipelines, TeamCity, Jenkins, Bamboo, CircleCI and Travis CI.
Free version available.
Con Limited free version
Free version is limited to 5 scans per repo a day.