Software Alternatives & Reviews

Log4J – A 10 step mitigation plan

CoreOS Clair
  1. Dependency-Check is a utility that identifies project dependencies and checks if there are any...
    Pricing:
    • Open Source
    Make sure you know what you are running on your platform. The Software Bill of Materials (SBoM) describes all the various software components on which your system is based. If you keep an active track of your SBoM with tools like OWASP Dependency-Track, it becomes easier to know whether software you are using is vulnerable. Additionally, there are great open-source tools, like OWASP Dependency-Check, Trivy, Clair, and many others, which you can use as part of your CI/CD pipeline to detect whether some of the software you are building has known vulnerabilities.

    #Security #Code Analysis #Web Application Security 16 social mentions

  2. Open-source container vulnerability analysis service.

    #Web Application Security #Code Collaboration #Security & Privacy 15 social mentions
