Socket website screenshot

Socket

Socket is a developer-first supply-chain security platform that protects applications from malicious dependencies, vulnerable packages, license risk, and software-supply-chain attacks across npm, PyPI, Go, Maven, Cargo, NuGet, RubyGems, and other open-source ecosystems. Socket ships a hosted API, CLI, MCP server, Firewall package-installer proxy (sfw), GitHub App, IDE extensions, SDKs, and reusable integrations for Jira, Slack, GitHub, GitLab, Bitbucket, Azure DevOps, and Microsoft Teams. The Socket API exposes 70+ alert categories — malware, typo- squats, install scripts, telemetry, native code, crypto wallets, suspicious network activity, license issues — plus full-scan reports with SBOM export (CycloneDX, SPDX, OpenVEX), diff scans for pull requests, a triage workflow, webhooks, and a real-time threat feed of newly discovered malicious packages.

15 APIs 20 Features
Supply Chain SecurityOpen Source SecuritySoftware Composition AnalysisSCAMalware DetectionDependency ScanningSBOMnpmPyPIGoMavenCargoNuGetRubyGemsDeveloper Security

APIs

Socket Packages API

Look up risk scores, alerts, capabilities, license, and supply-chain metadata for any open-source package by Package URL (purl). Supports npm, PyPI, Go, Maven, Cargo, NuGet, Rub...

Socket Full Scans API

Create, list, fetch, rescan, archive, and export full-scan reports for an organization's repos. Upload manifest files (package.json, requirements.txt, go.mod, pom.xml, Cargo.tom...

Socket Diff Scans API

Compute and inspect diff scans between two full scans — the engine that powers Socket's pull-request comments. Identifies added, removed, and modified dependencies with their se...

Socket Alerts API

Query current and historical security alerts for an organization across all scans, repos, and packages. Supports trend analysis, filtering by alert type and severity, and full-s...

Socket Triage API

Triage workflow for alerts — list and update the disposition (ignore, acknowledge, escalate, allow) of any alert in an organization. Comments and decision history are recorded f...

Socket Repos API

Manage the repositories Socket is monitoring inside an organization, plus repo labels for policy targeting. CRUD repos, attach/detach labels, and configure per-label settings th...

Socket Organization Settings API

Configure Socket at the organization level — security policy (which alerts block/warn/ignore), license policy (allowed/denied SPDX identifiers), telemetry collection toggles, So...

Socket Webhooks API

Register, list, update, and delete webhooks that fire when scans complete, alerts trigger, triage decisions are made, or threat-feed entries match an organization's packages. Us...

Socket Threat Feed API

Real-time feed of newly discovered malicious or suspicious packages across npm, PyPI, Go, RubyGems, and other ecosystems. Filter by ecosystem, alert type, and time window. Power...

Socket Fixes API

List available fixes — version bumps, patches, and overrides — for vulnerable or risky dependencies in an organization's scanned projects. Powers Socket's auto-fix pull-request ...

Socket Dependencies API

Search and reverse-look-up dependencies across all of an organization's scanned repos. Find every project consuming a specific package and version, plus historical dependency-co...

Socket API Tokens API

Provision, rotate, and revoke API tokens for an organization, inspect the caller's quota, and list the organizations the calling token has access to. Token-scoped permission gra...

Socket Audit Log API

Append-only audit log of every administrative event in a Socket organization — policy changes, member changes, token actions, triage decisions, and integration changes. Use for ...

Socket Organization Snapshots API

Retrieve historical organization-level snapshots — point-in-time aggregations of dependencies, alerts, and risk metrics across all monitored repos. Used to populate trend dashbo...

Socket Metadata API

Reference metadata for the Socket platform — the live machine-readable OpenAPI spec, the catalog of alert types and their severities, the catalog of license metadata used by lic...

Collections

Arazzo Workflows

Socket Audit Organization Dependencies

Search the organization's in-use dependencies by PURL, then pull alert metadata for those same packages.

ARAZZO

Socket Create and Report a Full Scan

Ensure a repository exists, create a full scan from manifest files, poll until it finishes, then export the alert CSV.

ARAZZO

Socket Diff Two Full Scans by ID

List the two most recent full scans for a repository and create a diff scan comparing them, then poll the diff until ready.

ARAZZO

Socket Diff a Repository Against Its HEAD Scan

Confirm a repository, create a diff scan against its current HEAD full scan, then poll the diff until cached results are ready.

ARAZZO

Socket Fix Vulnerabilities in a Repository

Confirm a repository and its HEAD scan, then fetch the available fixes for its vulnerabilities.

ARAZZO

Socket Investigate Alert Across Scans

Pick the latest alert, find the full scans it appears in, then read the metadata of one of those scans.

ARAZZO

Socket Generate PDF Report for Latest Scan

Find the most recent full scan for a repository, confirm its metadata, then generate a PDF report.

ARAZZO

Socket Package Issues and Available Fixes

Look up alert metadata for a batch of packages by PURL, then fetch available fixes for the discovered vulnerabilities.

ARAZZO

Socket Poll Full Scan to Completion

Create a full scan and poll its metadata until the scan_state leaves the processing states.

ARAZZO

Socket Provision and Verify a Webhook

Create an organization webhook for selected events, then read it back to confirm it was registered.

ARAZZO

Socket Rescan and Report a Full Scan

Rescan an existing full scan to apply the latest policies, poll the new scan to completion, then export its alert CSV.

ARAZZO

Socket Review and Update Org Security Policy

Read the organization's current security policy, then write back an updated default level and rule set.

ARAZZO

Socket Start and Poll Historical Snapshot

Start an on-demand historical data snapshot job, then poll the snapshot list until the job's request id appears.

ARAZZO

Socket Triage Latest Alerts

List the latest organization alerts and, when any are present, apply a triage state to one of them.

ARAZZO

Pricing Plans

Socket Dev Plans Pricing

3 plans

PLANS

Rate Limits

Socket Dev Rate Limits

3 limits

RATE LIMITS

FinOps

Features

Socket API — supply-chain risk data via Package URL (purl) across npm, PyPI, Go, Maven, Cargo, NuGet, RubyGems, and others
Full Scans — repository-wide dependency graph and alert reports with SBOM export (CycloneDX, SPDX, OpenVEX, CSV, PDF)
Diff Scans — pull-request-aware comparison between two full scans, output as JSON or GFM markdown comment
Triage workflow — list and update disposition (ignore, acknowledge, escalate, allow) for alerts at scale
Historical alerts, dependencies, and snapshots — long-window trend analytics for posture reporting
Threat Feed — real-time discovery of malicious and suspicious packages across ecosystems
Fixes — version bumps, patches, and overrides for vulnerable dependencies, including auto-PR generation
70+ alert categories — malware, typosquats, install scripts, telemetry, native code, crypto wallets, supply-chain risks
Security and license policies per organization with per-repo label overrides
Webhooks for scan completion, alert generation, triage events, and threat-feed matches
Socket Firewall — registry proxy and `sfw` runtime that prevents installation of malicious packages
Socket CLI (JavaScript + Python) for scanning, fixing, and config validation
Socket MCP Server — Model Context Protocol server exposing Socket data to AI agents
Socket Optimize — drop-in package overrides for npm/pnpm/yarn that replace vulnerable transitive dependencies
Socket Basics — bundled SAST + Secrets + Container scanning for organizations standardizing on a single tool
Socket VS Code extension and Socket GitHub Action for in-editor and in-CI security gates
GitHub, GitLab, Bitbucket, Azure DevOps, Jira, Slack, and Microsoft Teams integrations
SDKs for JavaScript / TypeScript (`@socketsecurity/sdk`) and Python
Append-only audit log of every administrative action for compliance evidence
Live OpenAPI spec served from https://api.socket.dev/v0/openapi

Semantic Vocabularies

Socket Context

0 classes · 10 properties

JSON-LD

API Governance Rules

Socket API Rules

12 rules · 2 errors 7 warnings

SPECTRAL

Example Payloads

Socket Purl Batch Example

2 fields

EXAMPLE

Socket Threat Feed Example

2 fields

EXAMPLE

Socket Triage Update Example

2 fields

EXAMPLE

Resources

🔗
PostmanWorkspace
PostmanWorkspace
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🌐
Portal
Portal
🔗
Documentation
Documentation
🔗
Documentation
Documentation
🚀
GettingStarted
GettingStarted
🔑
Authentication
Authentication
📝
Signup
Signup
📰
Blog
Blog
📄
ChangeLog
ChangeLog
🟢
StatusPage
StatusPage
💰
Pricing
Pricing
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
🔗
TrustCenter
TrustCenter
👥
GitHubOrganization
GitHubOrganization
🔗
LinkedIn
LinkedIn
🔗
Twitter
Twitter
📦
SDKs
SDKs
📦
SDKs
SDKs
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔧
Tools
Tools
🔗
OpenAPI
OpenAPI
🔗
Plans
Plans
🔗
RateLimits
RateLimits
🔗
FinOps
FinOps

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Socket Webhooks API
  version: '0'
items:
- info:
    name: webhooks
    type: folder
  items:
  - info:
      name: List all webhooks
      type: http
    http:
      method: GET
      url: https://api.socket.dev/v0/orgs/:org_slug/webhooks
      params:
      - name: org_slug
        value: ''
        type: path
        description: The slug of the organization
      - name: sort
        value: ''
        type: query
      - name: direction
        value: ''
        type: query
      - name: per_page
        value: ''
        type: query
      - name: page
        value: ''
        type: query
      auth:
        type: bearer
        token: '{{bearerToken}}'
    docs: 'List all webhooks in the specified organization.


      This endpoint consumes 1 unit of your quota.


      This endpoint requires the following org token scopes:

      - webhooks:list'
  - info:
      name: Create a webhook
      type: http
    http:
      method: POST
      url: https://api.socket.dev/v0/orgs/:org_slug/webhooks
      params:
      - name: org_slug
        value: ''
        type: path
        description: The slug of the organization
      body:
        type: json
        data: '{}'
      auth:
        type: bearer
        token: '{{bearerToken}}'
    docs: 'Create a new webhook. Returns the created webhook details.


      This endpoint consumes 1 unit of your quota.


      This endpoint requires the following org token scopes:

      - webhooks:create'
  - info:
      name: Get webhook
      type: http
    http:
      method: GET
      url: https://api.socket.dev/v0/orgs/:org_slug/webhooks/:webhook_id
      params:
      - name: org_slug
        value: ''
        type: path
        description: The slug of the organization
      - name: webhook_id
        value: ''
        type: path
        description: The ID of the webhook
      auth:
        type: bearer
        token: '{{bearerToken}}'
    docs: 'Get a webhook for the specified organization.


      This endpoint consumes 1 unit of your quota.


      This endpoint requires the following org token scopes:

      - webhooks:list'
  - info:
      name: Update webhook
      type: http
    http:
      method: PUT
      url: https://api.socket.dev/v0/orgs/:org_slug/webhooks/:webhook_id
      params:
      - name: org_slug
        value: ''
        type: path
        description: The slug of the organization
      - name: webhook_id
        value: ''
        type: path
        description: The ID of the webhook
      body:
        type: json
        data: '{}'
      auth:
        type: bearer
        token: '{{bearerToken}}'
    docs: 'Update details of an existing webhook.


      This endpoint consumes 1 unit of your quota.


      This endpoint requires the following org token scopes:

      - webhooks:update'
  - info:
      name: Delete webhook
      type: http
    http:
      method: DELETE
      url: https://api.socket.dev/v0/orgs/:org_slug/webhooks/:webhook_id
      params:
      - name: org_slug
        value: ''
        type: path
        description: The slug of the organization
      - name: webhook_id
        value: ''
        type: path
        description: The ID of the webhook
      auth:
        type: bearer
        token: '{{bearerToken}}'
    docs: 'Delete a webhook. This will stop all future webhook deliveries to the webhook URL.


      This endpoint consumes 1 unit of your quota.


      This endpoint requires the following org token scopes:

      - webhooks:delete'
bundled: true