OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Project Description
Dependency-Check is a Software Composition Analysis (SCA) tool designed to identify publicly disclosed vulnerabilities in project dependencies by matching them against Common Platform Enumeration (CPE) identifiers and linking to associated CVE entries. It supports multiple integration methods, including CLI, Maven, Gradle, Ant, and Jenkins, and requires Java 11 or higher. The tool relies on the NVD API for vulnerability data, with an API key highly recommended for optimal performance. It supports various technologies like .NET, Go, Ruby, and npm, and can be used in CI environments with caching strategies to manage rate limits. Dependency-Check generates detailed reports and is licensed under Apache 2.0.
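Because the tool is typically wired into CI, the detailed report it generates is usually consumed by a build gate rather than read by hand. The following is an added example (not code from the dependency-check project or this page): a small Python gate that reads a `--format JSON` report and blocks the build on any finding at or above a CVSS threshold. The report field names it relies on (`dependencies`, `vulnerabilities`, `cvssv3.baseScore`, `cvssv2.score`, `severity`) are assumptions about the JSON layout, and the embedded sample report is constructed.

```python
"""Gate a CI build on an OWASP dependency-check JSON report (hypothetical
helper, not part of dependency-check). Assumed report layout: a top-level
"dependencies" list whose entries carry a "vulnerabilities" list with
"name", "severity" and optional "cvssv3"/"cvssv2" score objects."""
import json

# Constructed sample report, trimmed to the fields the gate reads.
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"fileName": "example-lib-1.0.jar",
         "vulnerabilities": [
             {"name": "CVE-EXAMPLE-0001", "severity": "CRITICAL",
              "cvssv3": {"baseScore": 9.8}, "cvssv2": {"score": 7.5}}]},
        {"fileName": "legacy-lib-0.1.jar",
         "vulnerabilities": [
             {"name": "CVE-EXAMPLE-0002", "severity": "MEDIUM",
              "cvssv2": {"score": 5.0}}]},  # older entry: CVSSv2 only
        {"fileName": "clean-lib-2.0.jar"},  # no "vulnerabilities" key
    ]
})

def vuln_score(vuln):
    """Highest available CVSS score, preferring v3 over v2; None if neither."""
    v3 = (vuln.get("cvssv3") or {}).get("baseScore")
    v2 = (vuln.get("cvssv2") or {}).get("score")
    scores = [s for s in (v3, v2) if isinstance(s, (int, float))]
    return max(scores) if scores else None

def findings_at_or_above(report_json, threshold):
    """Return (fileName, CVE, score) triples that reach the CVSS threshold."""
    hits = []
    for dep in json.loads(report_json).get("dependencies", []):
        for vuln in dep.get("vulnerabilities") or []:
            score = vuln_score(vuln)
            # An unscored vulnerability is treated as failing the gate so it
            # cannot slip through merely because NVD has not scored it yet.
            if score is None or score >= threshold:
                hits.append((dep.get("fileName", "?"), vuln.get("name", "?"), score))
    return hits

def gate(report_json, threshold=7.0):
    """True if the build may proceed: no finding at or above the threshold."""
    return not findings_at_or_above(report_json, threshold)

if __name__ == "__main__":
    for dep, cve, score in findings_at_or_above(SAMPLE_REPORT, 7.0):
        print(f"BLOCK {dep}: {cve} (CVSS {score})")
    raise SystemExit(0 if gate(SAMPLE_REPORT) else 1)
```

In a pipeline, run the CLI with `--format JSON` and a persistent data directory first, then feed the produced report file to `gate()`; the exit status is what the CI job keys on.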