Vandana Verma

Security Leader

OWASP Spotlight - Project 2 - Dependency Check

OWASP has so many amazing and great projects which can help organisations, developers, security testers and many more groups. However, working with OWASP projects very closely in the past few years, I have realised people do not know about a lot of projects or even have no clue if they exist.

So, here I am writing the part series on OWASP Projects with a video describing about the project. This is the second blog as part of the OWASP Spotlight Series talking about OWASP Dependency Check.

While some known vulnerabilities lead to only minor impacts, some of the largest breaches to date have relied on exploiting known vulnerabilities in components. Depending on the assets we are protecting, perhaps this risk should be at the top of the list.

Here, In the talk, I am discussing about using components with known vulnerabilities along with the impact and how to fix them. Not to miss the important part, how to identify the dependencies in the code using OWASP Dependency Check


Lot of people want to look for the shorter length video to get the quick glance through, here is the Short Video for them


About the Project :- https://owasp.org/www-project-dependency-check/

About Using components with known vulnerabilities - https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities

Refer to the first blog: https://infosecvandana.com/post/owstg/

Refer - https://owasp.org/ to know about more projects

Kind help from GB Hackers and Tutorials point