OWASP Dependency Track - Software Composition Analysis and Vulnerability Management
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the OWASP Dependency Track project in this 25-minute conference talk by Steve Springett. Gain insights into software supply chain security and learn about the Software Bill of Materials (SBOM) concept. Discover how Dependency Track utilizes CycloneDX to manage and analyze dependencies, and understand its typical workflow through a live demonstration. Examine features such as time series analysis, component tracking, dependency graphs, and the policy engine. Enhance your knowledge of open-source security practices and tools endorsed by the OWASP Foundation.
Syllabus
Intro
Background
Dependency Track
Software Bill Material
Cyclonedx
What does it do
Typical workflow
Demo
Time Series
Number of Components
List of Ingredients
Dependency Graph
Stock Quotes
Policy Engine
Taught by
OWASP Foundation
Related Courses
Hardening Your Soft Software Supply ChainPluralsight DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Pluralsight Securing Your Software Supply Chain with Sigstore
Linux Foundation via edX GitHub Supply Chain Security Using GitGat
Linux Foundation via edX Kyverno - Deep Dive - Tech Talks
Mirantis via YouTube