Dependency-Track: Intelligent Software Composition Analysis Platform
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Learn about Dependency-Track, an intelligent Software Composition Analysis (SCA) platform, in this 34-minute OWASP Foundation video. Explore how organizations can identify and reduce risks from third-party and open source components using Dependency-Track's bill-of-material approach for continuous component analysis. Discover the platform's integration with multiple vulnerability intelligence sources, including the National Vulnerability Database, NPM Public Advisories, Sonatype OSS Index, and VulnDB. Gain insights into automation options available with the platform, and understand key concepts such as Software Bill of Materials, vulnerability analysis, Package URL, and vulnerability auditing. Access additional resources through the provided links to deepen your knowledge of this powerful SCA tool.
Syllabus
Introduction
Dependency Track
Software Bill of Material
Vulnerability Analysis
Bill of Material Support
Bill of Material
Dependency Tracking
Package URL
Package NPM
Vulnerability List
Vulnerability Audit
Taught by
OWASP Foundation
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube