Dependency Audits | BitAuth

What's in your node_modules?

Audit your dependencies using a security‑reviewed registry.

# Get beta access, then:
npm install -g @bitauth/cli
 + @bitauth/cli@1.0.0
bitauth init

Better Security for Everyone

BitAuth makes javascript projects safer by verifying signatures from trusted security reviewers. You can review and sign packages yourself, and you can use existing signatures from our security-reviewed registry for free.

  1. 1bitauth init

    Like a git init for security, this creates a.bitauth directory with configuration and signing identity information.

  2. 2bitauth review

    Start an interactive dependency review: choose any dependency, review it however you like, then sign it.

  3. 3bitauth audit

    Validate all signatures, confirming each dependency has been reviewed according to the project’s security configuration.

BitAuth CLI

Proactive Security

New exploits can take weeks or months to be found or added to vulnerability databases. BitAuth is proactive, making it easier to catch issues before they happen.

Incremental Setup

Getting started is easy, even for large projects. By default, existing packages are excluded from audits and only included when you update them.

Secure Upgrades

Try bitauth upgrade to start an interactive upgrade. Easily review the differences between existing and updated versions before upgrading a package.

Configurable Audits

Audits can require different reviewers — or groups of reviewers — for each package. Requirements can be configured for your project’s security workflow.

BitAuth Enterprise

Accountable Security

Security as a service, backed by up to $1M in coverage.

Continuous Security

With BitAuth Enterprise, your dependencies are proactively reviewed by security experts and machine analysis. Login with the CLI to integrate seamlessly with your development process or Continuous Integration.

Upgrade with Confidence

Even for the most security-conscious development teams, dependency upgrade reviews are tedious and error-prone. If your tests pass, you can upgrade: we’ve already reviewed the changes for security problems.

Move Fast, Stay Secure

Fearlessly install and use new dependencies — with full security coverage, using open source dependencies is both faster and safer than vendoring or rewriting code yourself.

Insured Against Losses

Security incidents cost time, money, and customer trust. If we miss a vulnerability that affects you, we’ll cover your losses — backed by industry-leading insurance carriers.

Pricing is based on coverage, and free trials are available during the beta.

Please request an invite for details.

Use open source software with the security and confidence of up to $1,000,000 in insurance coverage.