diff --git a/bucket/osv-scanner.json b/bucket/osv-scanner.json
new file mode 100644
index 0000000000..2c1e8551ff
--- /dev/null
+++ b/bucket/osv-scanner.json
@@ -0,0 +1,24 @@
+{
+    "version": "1.0.0",
+    "description": "Find existing vulnerabilities affecting your project's dependencies.",
+    "homepage": "https://github.com/google/osv-scanner",
+    "license": "Apache-2.0",
+    "architecture": {
+        "64bit": {
+            "url": "https://github.com/google/osv-scanner/releases/download/v1.0.0/osv-scanner_1.0.0_windows_amd64.exe#/osv-scanner.exe",
+            "hash": "d9347ad3cc64a47706ab3bcf261be04d26ef0c34fea2ac69089aca4b971cda52"
+        }
+    },
+    "bin": "osv-scanner.exe",
+    "checkver": "github",
+    "autoupdate": {
+        "architecture": {
+            "64bit": {
+                "url": "https://github.com/google/osv-scanner/releases/download/v$version/osv-scanner_$version_windows_amd64.exe#/osv-scanner.exe"
+            }
+        },
+        "hash": {
+            "url": "$baseurl/osv-scanner_$version_SHA256SUMS"
+        }
+    }
+}