# Introduction to Safety CLI Vulnerability Scanning

Safety CLI is a Python dependency vulnerability scanner designed to enhance software supply chain security by detecting packages with known vulnerabilities and malicious packages in local development environments, CI/CD, and production systems.

Safety CLI can be [deployed in minutes](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning/quick-start-guide) and provides [clear, actionable recommendations](https://docs.safetycli.com/safety-docs/safety-cli/scanning-for-vulnerable-and-malicious-packages/viewing-scan-results) for [remediation](https://docs.safetycli.com/safety-docs/vulnerability-remediation/applying-fixes) of detected vulnerabilities.

<figure><img src="https://1428014516-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F0ABDwXSDJWM5juLdc6ie%2Fuploads%2Fgit-blob-523a4b860dc416d78c0cb55e3643b5dd2699e64b%2Fsafety_scan_S_white.gif?alt=media" alt="" width="518"><figcaption></figcaption></figure>

Leveraging the industry's most comprehensive database of vulnerabilities and malicious packages, Safety CLI Scanner allows teams to detect vulnerabilities at every stage of the software development lifecycle.

## Key Features

* Versatile, comprehensive dependency security scanning for Python packages.
* Leverages Safety DB, the most comprehensive vulnerability data available for Python.
* Clear output with detailed recommendations for vulnerability remediation.
* Automatically updates requirements files to secure versions of dependencies where available, guided by your project's policy settings.
* Scans individual requirements files and project directories, or runs system-wide scans, on developer machines, in CI/CD pipelines, and on production systems to detect vulnerable or malicious dependencies.
* JSON, SBOM, HTML and text output.
* Easy integration with CI/CD pipelines, including GitHub Actions.
* **Enterprise Ready:** Safety CLI can be deployed to large teams with complex project setups with ease, on-premise or as a SaaS product.

<figure><img src="https://1428014516-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F0ABDwXSDJWM5juLdc6ie%2Fuploads%2Fgit-blob-f4b6f14cc6a06fced68e0358f67746b490122485%2Fimage.png?alt=media" alt=""><figcaption><p>Safety CLI, Version 3.0.0</p></figcaption></figure>

Safety CLI integrates easily into your existing workflow and can scan across the full software development lifecycle, from developer machines to CI/CD pipelines and production systems.

Safety CLI is backed by our industry-leading vulnerability data and recommends fixes for vulnerabilities as they are detected.

> #### Versatile, comprehensive dependency security scanning

Safety can be deployed in minutes, seamlessly integrates with existing workflows, and allows developers to make informed security-based decisions without disrupting productivity.

> We transitioned from the free Snyk scanning to Safety because of the recommendation of one of our lead developers. **And we have loved it.**
>
> **Sean Howard -** CEO, Flightpath

## Supported Ecosystems

Safety currently supports Python only but will expand to support JavaScript and Java in H2 2025.
