I think the .NET ecosystem is probably one of the worst applications of this kind of product. One major reason being that it already has a first-party vulnerability tracking system that is fully integrated into the visual studio + nuget experience [0].
The biggest reason for me is that I simply don't use 3rd party nugets as a .NET developer. It's almost always first party and very tightly controlled third party (i.e., official AWS SDK). The batteries are included. They're installed in the toy already and there's also a spare pack in the box just in case.
If you are working on modern .NET projects and having trouble managing all of your dependencies, you are definitely doing something suboptimal.
I think the difference here is Socket offering a more comprehensive solution. NuGet giving CVE notifications OOB is nice, but it's not always enough and not a replacement for a full SBOM tool if you need one. It's probably a big company would need, but likely much less so any smaller one.
> We’d love to hear from .NET developers
I think the .NET ecosystem is probably one of the worst applications of this kind of product. One major reason being that it already has a first-party vulnerability tracking system that is fully integrated into the visual studio + nuget experience [0].
The biggest reason for me is that I simply don't use 3rd party nugets as a .NET developer. It's almost always first party and very tightly controlled third party (i.e., official AWS SDK). The batteries are included. They're installed in the toy already and there's also a spare pack in the box just in case.
If you are working on modern .NET projects and having trouble managing all of your dependencies, you are definitely doing something suboptimal.
[0] https://learn.microsoft.com/en-us/nuget/concepts/auditing-pa...
I think the difference here is Socket offering a more comprehensive solution. NuGet giving CVE notifications OOB is nice, but it's not always enough and not a replacement for a full SBOM tool if you need one. It's probably a big company would need, but likely much less so any smaller one.