OWASP Dependency Track - Software Composition Analysis and Vulnerability Management
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the OWASP Dependency Track project in this 25-minute conference talk by Steve Springett. Gain insights into software supply chain security and learn about the Software Bill of Materials (SBOM) concept. Discover how Dependency Track utilizes CycloneDX to manage and analyze dependencies, and understand its typical workflow through a live demonstration. Examine features such as time series analysis, component tracking, dependency graphs, and the policy engine. Enhance your knowledge of open-source security practices and tools endorsed by the OWASP Foundation.
Syllabus
Intro
Background
Dependency Track
Software Bill Material
Cyclonedx
What does it do
Typical workflow
Demo
Time Series
Number of Components
List of Ingredients
Dependency Graph
Stock Quotes
Policy Engine
Taught by
OWASP Foundation
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube