Supply Chain Risk Management with OWASP Dependency-Check
|
Software supply chain risks are a huge security concern today and automated tools are essential to mitigate this threat. In this course, you will learn how to manage this risk by setting up OWASP Dependency-Check scanning on a software project.
On average, a modern software application relies on over 500 open source components, and at least 25% of these dependencies will have known security vulnerabilities. Yet software vendors are all too often unaware of these vulnerabilities and may not even know on which components their software is dependent. In this course, Supply Chain Risk Management with OWASP Dependency-Check, you will learn how to use OWASP Dependency-Check to secure your software supply chain by scanning for, detecting, and acting on vulnerable third party components in software you produce. First, you will discover how to obtain and install OWASP Dependency-Check. Next, you will see how Dependency-Check can be used to scan an application for vulnerable dependencies. Finally, you will explore some best practices for reviewing and remediating the output of a Dependency-Check scan. By the end of this course, you will know how to manage these risks by setting up OWASP Dependency-Check scanning on a software project.
Author Name: Matthew Kendall
Author Description:
Matt is a senior software engineer, technical lead, and consultant with experience in a wide range of technologies, and a particular focus on frontend development and security. He is passionate about delivering, and helping others deliver, high-quality web applications which keep users and their data secure and provide an awesome user experience. Matt has experience working with some of the biggest names in the consumer goods and energy sectors, as well as in highly regulated industries includin… more
User Reviews
Be the first to review “Supply Chain Risk Management with OWASP Dependency-Check”
Related Products
Advanced Web Application Penetration Testing with Burp Suite
Burp suite can help improve your penetration testing. This is an advanced course designed to expand your knowledge of the Burp Suite product to utilize many of the lesser known features offered in the tool.
Writing Burp Suite Macros and Plugins
Learn how to write Burp Suite macros and extensions in different languages. Understand the Burp API, its supporting classes and structure in order to equip yourself in writing customized Burp functionality for your developer and pentester needs.
Privilege Escalation with SweetPotato
Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you'll learn privilege escalation using SweetPotato.
Social Engineering: Executive Briefing
Social engineering poses a potential threat to not only employees at an organization, but also directly to company executives. In this executive briefing, we will look at understand what social engineering and how you can protect yourself from it.
Post Exploitation with Kali Linux
Kali Linux is a flavor of Linux that comes pre-loaded with many security tools for all levels of the attack kill chain. This course will teach you about post exploitation techniques using Kali Linux.
Digital Forensics: The Big Picture
Digital devices are everywhere, along with digital crime and the corresponding evidence. This course will teach you all about this field and give you the foundational knowledge needed to make informed decisions about your digital future.
There are no reviews yet.