Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components. The platform integrates with multiple sources of vulnerability intelligence including the National Vulnerability Database (NVD), NPM Public Advisories, Sonatype OSS Index, and VulnDB from Risk Based Security.

In this session you'll learn about Dependency-Track, it's bill-of-material approach to providing continuous component analysis, and many of the automation options that are available with the platform.

https://dependencytrack.org/

https://github.com/DependencyTrack

https://twitter.com/DependencyTrack

-

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...