Introducing Guard Dep 2.0 — Real-time SCA for Enterprise

Stop vulnerable
dependencies before they ship

Guard Dep scans every dependency across your repositories, surfaces exploitable CVEs, and blocks risky packages automatically — so your engineering teams can ship fast without exposing your attack surface.

guarddep scan — mtn-billing-service
$ guarddep scan ./
Scanning 847 dependencies across 12 repositories...
 
✦ mtn-billing-service 3 CRITICAL 6 HIGH 4 MED
✦ mtn-auth-gateway 2 CRITICAL 4 HIGH 2 MED
✦ mtn-payment-core 4 CRITICAL 5 HIGH
✓ mtn-mobile-api CLEAN
✓ mtn-analytics-api CLEAN
 
CVE-2021-44228 (Log4Shell) CVSS 10.0 — log4j-core@2.14.1
CVE-2021-23337 CVSS 9.8 — lodash@4.17.20
 
Auto-fix available for 9 of 14 vulnerabilities.
$
Trusted by engineering teams atMTN GroupSafaricomFlutterwaveInterswitchPaystackAndela
847K+
Packages scanned daily across all customer repos
99.4%
Accuracy on CVE detection with zero false-negative SLA
<2s
Median time to vulnerability detection from commit
12+
Ecosystems supported: npm, pip, maven, Go, cargo, gem…
Core Capabilities

A new layer of security
for your dependency supply chain

Traditional CI/CD security stops at code. Guard Dep goes deeper — tracking the transitive graph of every package your engineers pull in, continuously.

Universal Discovery
Automatically inventories every direct and transitive dependency across all repositories — npm, pip, maven, Go modules, Cargo, RubyGems and more.
Real-time CVE Matching
Continuously matches your dependency graph against NVD, GitHub Advisory, and OSV databases. Alerts propagate in under 2 seconds from publication.
Automated Blocking
Define policies that automatically block builds, fail CI checks, or create PRs with upgrade paths — before vulnerable packages ever reach production.
Risk Intelligence
CVSS scoring, EPSS exploit probability, CWE classification, and reachability analysis give you the context to triage what actually matters.
Scanning

Complete dependency visibility, across every repo

Guard Dep connects to GitHub and builds a live dependency graph. See every package, every version, every risk. Updated on every push.

  • Real-time inventory across 12+ ecosystems
  • Transitive dependency tree with depth analysis
  • License compliance tracking alongside security
  • Historical trending — watch your risk posture improve
Start scanning →
mtn-billing-service / package-lock.json
3 CRITICAL6 HIGH4 MED
log4j-core2.14.12.17.2
lodash4.17.204.17.22
axios0.21.11.7.4
express4.17.14.18.3
react18.3.1
Who it's for

Built for every role in your security workflow

From security engineers who define policy to developers who ship features — Guard Dep fits naturally into every workflow.

Security Engineers
Get real-time visibility into every dependency risk across the organisation. Set policies once, enforce everywhere.
Developers
Know exactly which packages are safe to use before you push. Get safe upgrade suggestions inline in every PR.
Compliance & Auditors
Generate SBOM and vulnerability reports on demand. Full audit trail of who changed what and when.
Engineering Leaders
Track your organisation's security posture over time. Reduce mean time to remediation with automated blocking.
Pricing

Simple, transparent pricing

Start free. Scale when you need it. No payment integration in MVP — upgrades handled directly by our team.

Free
₦0/month

For individuals and small teams getting started.

Get started free
  • 1 repository
  • PR blocking via GitHub Checks
  • GitHub Security tab integration
  • All 8 ecosystems scanned
  • OSV + NVD + GHSA advisories
  • Remediation commands
  • Dependency staleness warnings
  • Community support
Most Popular
Pro
£29/month

For growing engineering teams that need full coverage.

Start Pro trial
  • Unlimited repositories
  • PR blocking via GitHub Checks
  • All 8 ecosystems scanned
  • Custom block-list management
  • SBOM export (CycloneDX + SPDX)
  • Slack & Teams webhook alerts
  • Weekly security digest email
  • Remediation copy-commands
  • Dependency staleness warnings
  • CSV + JSON vulnerability reports
  • Audit log
  • Email support
Enterprise
Contact us

For large organisations that need compliance and SLAs.

Talk to sales
  • Everything in Pro
  • Multi-org team management
  • Role-based access control
  • Policy-as-code (.depguard.yml)
  • PDF + SBOM export
  • Audit log export
  • SSO / SAML
  • Custom SLA + uptime guarantee
  • Dedicated security engineer
  • Priority support 24/7

Secure your supply chain
starting today

Connect your GitHub organisation and start scanning in under 2 minutes. Free forever for one repo.