YoVDO

Find and Track the Hidden Vulnerabilities Inside Your Dependencies

Offered By: Devoxx via YouTube

Tags

Devoxx Courses Cybersecurity Courses Jenkins Courses DevSecOps Courses Vulnerability Management Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Discover how to identify and monitor hidden vulnerabilities in your application dependencies in this 27-minute conference talk from Devoxx. Learn about vulnerability indexing systems like NVD and CVE, as well as severity scoring using CVSS. Explore the creation of a Continuous Security pipeline using Jenkins and open-source tools such as OWASP DependencyCheck and DependencyTrack. Gain insights into the DevSecOps philosophy and see practical demonstrations of vulnerability detection, tracking, and mitigation. Cover topics including the National Phenology Database, Heartbleed, common vulnerability scoring, and specific vulnerabilities in popular frameworks like Spring and Jackson. Walk through the process of fixing vulnerabilities, checking base code and dependencies, and implementing security measures using Jenkins plugins, Docker images, and API keys.

Syllabus

Intro
Risk
Introduction
National Phenology Database
Heartbleed
Common Vulnerability Scoring System
Dependency Check
Demo
Dependency Track
Springwood vulnerability
Jackson vulnerability
Fixing the vulnerability
Checking the base code
Checking the dependencies
Jenkins plugin
Jenkins report
Docker image
API Key
Flag Security Vulnerability


Taught by

Devoxx

Related Courses

The Foundations of Cybersecurity
University System of Georgia via Coursera
Introduction to Cybersecurity
SecurityScoreCard via Udacity
TOTAL: CompTIA CySA+ Cybersecurity Analyst (CS0-003)
Udemy
Fundamentals of Internet Security | Secure Your Environment
Udemy
Ciberseguridad en linea
Udemy