OWASP Dependency Check

Dependency-Check is an open-source software composition analysis utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently, Java and .NET are supported; additional experimental support has been added for Ruby, Node.js, Python, and limited support for C/C++ build systems.

Integration Description:

SD Elements leverages the results from the OWASP Dependency Check identifying vulnerable components or dependencies in use, to automatically mark the verification status of its security requirements. This tool integration can also support the enablement of our new Process Task Automation (PTA) feature. This is a new event-action framework that supports automatically transitioning SD Elements process tasks to ‘Complete’ based on the occurrence of triggering events within SD Elements, given certain predefined criteria.

Integration Type: Software Composition Analysis

Created By: Security Compass

Documentation: View Documentation

Website: View Website

Questions about SD Elements content?Contact Us