Connect your GitHub account to monitor repositories and automatically open remediation pull requests with patched dependency manifests.

• → Browse and import repositories for continuous monitoring
• → Auto-create remediation PRs targeting the default branch
• → Supports GitHub.com and self-hosted GitHub Enterprise
• → GHSA advisory enrichment via GitHub token

Monitor GitLab projects and automatically create merge requests when vulnerabilities are detected and patches are available.

• → Import projects from GitLab for scheduled scanning
• → Auto-create remediation merge requests
• → Supports GitLab.com and self-hosted GitLab CE/EE
• → Authenticate per-project with personal access tokens

Native formatting per platform — auto-detected by webhook hostname. Slack gets Block Kit, Teams gets Adaptive Cards, Discord gets rich embeds, anything else gets a generic JSON payload. No app installation; just paste the webhook URL.

• → Slack: Block Kit with severity-coded sections and rationale text
• → Microsoft Teams: Adaptive Card with action buttons
• → Discord: rich embed with severity color and metadata
• → Generic JSON webhook for PagerDuty, Opsgenie, custom endpoints
• → Triggers: new findings, policy failures, firewall blocks, scan completion

Auto-create tickets from findings or firewall blocks with severity, evidence bundle, and remediation guidance attached. Round-trip status updates back to dpndncY so you can see ticket state inline with the finding.

• → Native Jira API client — cloud and self-hosted Data Center
• → Native Linear API client
• → Configurable per-tenant: project key, issue type, default assignee
• → Bulk-create tickets from a filtered finding view
• → Two-way sync — close the finding when the ticket closes

Get email notifications when continuous monitoring detects new vulnerabilities in tracked projects. Configurable per project via SMTP.

• → Works with any SMTP provider — Gmail, Office 365, SendGrid
• → Per-project notification email address
• → Summary of new findings with severity and package details

Connect any OpenID Connect or SAML 2.0 identity provider for single sign-on. Users authenticate with their corporate identity.

• → Okta, Azure AD / Entra ID, Google Workspace, Keycloak, Auth0, ADFS
• → PKCE flow with state and nonce validation
• → Auto-provisions users on first login
• → Configured via environment variables — no code changes

Use Personal API Tokens to authenticate from any CI/CD pipeline — GitHub Actions, GitLab CI, Jenkins, CircleCI, or custom scripts.

• → Generate long-lived tokens from the Profile page
• → Bearer token auth on all scan and export endpoints
• → Enforce policy gates — fail builds on PASS/FAIL verdict
• → Export SARIF, CycloneDX SBOM, and PDF reports via API

Drop dpndncy/agent-action into any workflow. The Action downloads the eBPF agent at job start, attaches kernel probes, and posts a DSSE-signed in-toto trace of every connect, exec, file, and DNS event at job end.

• → Composite action with pre and post steps
• → Per-job RSA keypair, public key registered with the dpndncY server
• → Optional SHA-256 verification of the downloaded binary
• → Optional fail-on gate (block / review) with PR comment summary
• → GitHub-hosted ubuntu-22.04 / 24.04 work out of the box (kernel BTF present)

Deploy one privileged agent per node and see every container's syscalls. Works under Tekton, Argo Workflows, kpack, GitLab runners in K8s mode, Buildkite agents on K8s, and actions-runner-controller. Ships with a raw manifest plus a focused Helm chart.

• → DaemonSet with hostPID + hostNetwork — no privileged: true
• → Explicit capability set: BPF, PERFMON, SYS_RESOURCE, NET_ADMIN, SYS_PTRACE
• → Per-cluster RSA signing key mounted from a Secret
• → Policy ConfigMap with observe / learn / enforce modes
• → Helm install: helm install dpndncy-agent ./agent/k8s/helm
• → linux/amd64 and linux/arm64 binaries