Simple play icon Course

Supply Chain Risk Management with OWASP Dependency-Check

by Matthew Kendall

Software supply chain risks are a huge security concern today and automated tools are essential to mitigate this threat. In this course, you will learn how to manage this risk by setting up OWASP Dependency-Check scanning on a software project.

What you'll learn

On average, a modern software application relies on over 500 open source components, and at least 25% of these dependencies will have known security vulnerabilities. Yet software vendors are all too often unaware of these vulnerabilities and may not even know on which components their software is dependent. In this course, Supply Chain Risk Management with OWASP Dependency-Check, you will learn how to use OWASP Dependency-Check to secure your software supply chain by scanning for, detecting, and acting on vulnerable third party components in software you produce. First, you will discover how to obtain and install OWASP Dependency-Check. Next, you will see how Dependency-Check can be used to scan an application for vulnerable dependencies. Finally, you will explore some best practices for reviewing and remediating the output of a Dependency-Check scan. By the end of this course, you will know how to manage these risks by setting up OWASP Dependency-Check scanning on a software project.

About the author

Matt is a senior software engineer, technical lead, and consultant with experience in a wide range of technologies, and a particular focus on frontend development and security. He is passionate about delivering, and helping others deliver, high-quality web applications which keep users and their data secure and provide an awesome user experience. Matt has experience working with some of the biggest names in the consumer goods and energy sectors, as well as in highly regulated industries includin... more

Ready to upskill? Get started