diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
index 0f08a03e4..3e2324c68 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
@@ -26,6 +26,8 @@ import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceCollection;
 import org.owasp.dependencycheck.utils.FileFilterBuilder;
 import org.owasp.dependencycheck.utils.Settings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.FileFilter;
 import java.io.IOException;
@@ -38,6 +40,11 @@ import java.io.IOException;
  */
 public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
 
+    /**
+     * The logger.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(NodePackageAnalyzer.class);
+
     /**
      * The name of the analyzer.
      */
@@ -112,24 +119,42 @@ public class NodePackageAnalyzer extends AbstractFileTypeAnalyzer {
         }
         JSONObject json = new JSONObject(contents);
         final EvidenceCollection productEvidence = dependency.getProductEvidence();
-        addToEvidence(json, productEvidence, "name");
+        final EvidenceCollection vendorEvidence = dependency.getVendorEvidence();
+        if (json.has("name")) {
+            Object value = json.get("name");
+            if (value instanceof String) {
+                productEvidence.addEvidence(PACKAGE_JSON, "name", (String) value, Confidence.HIGHEST);
+                vendorEvidence.addEvidence(PACKAGE_JSON, "name_project", String.format("%s_project", value), Confidence.LOW);
+            } else {
+                LOGGER.warn("JSON value not string as expected: %s", value);
+            }
+        }
         addToEvidence(json, productEvidence, "description");
-        addToEvidence(json, dependency.getVendorEvidence(), "author");
+
+        addToEvidence(json, vendorEvidence, "author");
         addToEvidence(json, dependency.getVersionEvidence(), "version");
     }
 
-    private void addToEvidence(JSONObject json, EvidenceCollection productEvidence, String key) {
+    private void addToEvidence(JSONObject json, EvidenceCollection collection, String key) {
         if (json.has(key)) {
             Object value = json.get(key);
             if (value instanceof String) {
-                productEvidence.addEvidence(PACKAGE_JSON, key, (String) value, Confidence.HIGHEST);
+                collection.addEvidence(PACKAGE_JSON, key, (String) value, Confidence.HIGHEST);
             } else if (value instanceof JSONObject) {
-                for (String property : ((JSONObject) value).keySet()) {
-                    productEvidence.addEvidence(PACKAGE_JSON,
-                            String.format("%s.%s", key, property),
-                            ((JSONObject) value).getString(property),
-                            Confidence.HIGHEST);
+                final JSONObject jsonObject = (JSONObject) value;
+                for (String property : jsonObject.keySet()) {
+                    final Object subValue = jsonObject.get(property);
+                    if (subValue instanceof String) {
+                        collection.addEvidence(PACKAGE_JSON,
+                                String.format("%s.%s", key, property),
+                                (String) subValue,
+                                Confidence.HIGHEST);
+                    } else {
+                        LOGGER.warn("JSON sub-value not string as expected: %s");
+                    }
                 }
+            } else {
+                LOGGER.warn("JSON value not string or JSON object as expected: %s", value);
             }
         }
     }
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
index b27268815..c265a3a3e 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
@@ -91,7 +91,9 @@ public class NodePackageAnalyzerTest extends BaseTest {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "nodejs/node_modules/dns-sync/package.json"));
         analyzer.analyze(result, null);
-        assertThat(result.getVendorEvidence().toString(), containsString("Sanjeev Koranga"));
+        final String vendorString = result.getVendorEvidence().toString();
+        assertThat(vendorString, containsString("Sanjeev Koranga"));
+        assertThat(vendorString, containsString("dns-sync_project"));
         assertThat(result.getProductEvidence().toString(), containsString("dns-sync"));
         assertThat(result.getVersionEvidence().toString(), containsString("0.1.0"));
     }
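Review bot: All three new LOGGER.warn calls in this hunk use `%s` as the placeholder, but the logger added in this commit is SLF4J, which only substitutes `{}`, so each warning prints the literal `%s` and the offending value is silently dropped; the sub-value warning in addToEvidence additionally passes no argument at all, so nothing about the rejected property can ever be reported. Change them to `LOGGER.warn("JSON value not string as expected: {}", value);`, `LOGGER.warn("JSON sub-value not string as expected for {}: {}", property, subValue);` and `LOGGER.warn("JSON value not string or JSON object as expected: {}", value);`. Since these values come straight from a scanned package.json, routing them through the placeholder rather than string concatenation also keeps the log line intact if a value is large or spans several lines. The method holding the new `"name"` block begins before this hunk; addToEvidence itself is fully visible.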