Node Security Platform

Node Security Platform (NSP) was a vulnerability scanning service and command-line tool that checked Node.js projects for known security vulnerabilities by analyzing package.json and lockfiles against a curated advisory database maintained by the Node Security team. The platform was acquired by npm, Inc. in April 2018 and its functionality was integrated directly into npm as the native npm audit command starting with npm@6, with the standalone NSP service shutting down on September 30, 2018.

Note: Node Security Platform is no longer available as a standalone service. Its vulnerability scanning capabilities are now built into npm via the npm audit command. For current Node.js security scanning, use npm audit which is included with npm 6.0 and later.