Talks
Events

Dependency Track

Steve Springett at AppSec USA 2018

Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components. The platform integrates with multiple sources of vulnerability intelligence including the National Vulnerability Database (NVD), NPM Public Advisories, Sonatype OSS Index, and VulnDB from Risk Based Security.

In this session you'll learn about Dependency-Track, it's bill-of-material approach to providing continuous component analysis, and many of the automation options that are available with the platform.

https://dependencytrack.org/

https://github.com/DependencyTrack

https://twitter.com/DependencyTrack