DependaBot: It works after the dependencies are been merged into the master branch. It helps to detect that the repository uses a vulnerable dependency or not. In layman terms, it helps to detect that if there is any dependency in the master branch have became vulnerable and is need to be updated.
Dependency Review: It catches insecure dependencies before one introduces them to the environment, and provides information on license, dependents, and age of dependencies. In layman's terms, it helps to understand dependency changes and the security impact of these changes at every pull request.
Vulnerability Scanner: The Vulernability Scanner File will help to detect any vulnerabilties in the repository and will alert us on slack every Monday.