Supply Chain Risk Management with OWASP Dependency-Check

Matthew Kendall

47:15

93 View
  • 1. Course Overview.mp4
    01:50
  • 01. Supply Chain Security.mp4
    03:55
  • 02. Software Composition Analysis and Dependency-Check.mp4
    03:35
  • 03. NIST Cybersecurity Framework.mp4
    01:29
  • 04. Installation.mp4
    02:07
  • 05. Demo - Dependency-Check Reports.mp4
    05:36
  • 06. Demo - Configuring Analyzers.mp4
    07:31
  • 07. Demo - Skipping Development Dependencies.mp4
    03:40
  • 08. Remediating Vulnerable Components.mp4
    05:06
  • 09. Demo - Configuring Scan Failures.mp4
    05:06
  • 10. Tips and Best Practices.mp4
    04:54
  • 1. Summary.mp4
    01:01
  • 2. Resources.mp4
    01:25
  • Description


    Software supply chain risks are a huge security concern today and automated tools are essential to mitigate this threat. In this course, you will learn how to manage this risk by setting up OWASP Dependency-Check scanning on a software project.

    What You'll Learn


      On average, a modern software application relies on over 500 open source components, and at least 25% of these dependencies will have known security vulnerabilities. Yet software vendors are all too often unaware of these vulnerabilities and may not even know on which components their software is dependent. In this course, Supply Chain Risk Management with OWASP Dependency-Check, you will learn how to use OWASP Dependency-Check to secure your software supply chain by scanning for, detecting, and acting on vulnerable third-party components in software you produce. First, you will discover how to obtain and install OWASP Dependency-Check. Next, you will see how Dependency-Check can be used to scan an application for vulnerable dependencies. Finally, you will explore some best practices for reviewing and remediating the output of a Dependency-Check scan. By the end of this course, you will know how to manage these risks by setting up OWASP Dependency-Check scanning on a software project.

    Matthew Kendall
    Matt is a senior software engineer, technical lead, and consultant with experience in a wide range of technologies, and a particular focus on frontend development and security. He is passionate about delivering, and helping others deliver, high-quality web applications which keep users and their data secure and provide an awesome user experience. Matt has experience working with some of the biggest names in the consumer goods and energy sectors, as well as in highly regulated industries including medical devices, clinical trial management, and nuclear waste disposal. He has also contributed cloud computing, data analysis, and software expertise to important academic research in climate and ocean science for universities in both the US and UK. In his spare time Matt enjoys hiking, flying, and playing Dungeons and Dragons.
    Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.
    • Language: English
    • Training sessions: 13
    • Duration: 47:15
    • Level: average
    • English subtitles: yes
    • Release date: 2023/07/28