Supply Chain Risk Management with OWASP Dependency-Check
Offered By: Pluralsight
Course Description
Overview
Software supply chain risks are a huge security concern today and automated tools are essential to mitigate this threat. In this course, you will learn how to manage this risk by setting up OWASP Dependency-Check scanning on a software project.
On average, a modern software application relies on over 500 open source components, and at least 25% of these dependencies will have known security vulnerabilities. Yet software vendors are all too often unaware of these vulnerabilities and may not even know on which components their software is dependent. In this course, Supply Chain Risk Management with OWASP Dependency-Check, you will learn how to use OWASP Dependency-Check to secure your software supply chain by scanning for, detecting, and acting on vulnerable third party components in software you produce. First, you will discover how to obtain and install OWASP Dependency-Check. Next, you will see how Dependency-Check can be used to scan an application for vulnerable dependencies. Finally, you will explore some best practices for reviewing and remediating the output of a Dependency-Check scan. By the end of this course, you will know how to manage these risks by setting up OWASP Dependency-Check scanning on a software project.
On average, a modern software application relies on over 500 open source components, and at least 25% of these dependencies will have known security vulnerabilities. Yet software vendors are all too often unaware of these vulnerabilities and may not even know on which components their software is dependent. In this course, Supply Chain Risk Management with OWASP Dependency-Check, you will learn how to use OWASP Dependency-Check to secure your software supply chain by scanning for, detecting, and acting on vulnerable third party components in software you produce. First, you will discover how to obtain and install OWASP Dependency-Check. Next, you will see how Dependency-Check can be used to scan an application for vulnerable dependencies. Finally, you will explore some best practices for reviewing and remediating the output of a Dependency-Check scan. By the end of this course, you will know how to manage these risks by setting up OWASP Dependency-Check scanning on a software project.
Syllabus
- Course Overview 1min
- Securing Project Dependencies with OWASP Dependency-Check 43mins
- Summary and Resources 2mins
Taught by
Matthew Kendall
Related Courses
Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld SystemsVanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight