OWASP Dependency Checker


Details
Hi Dev!!!
We are glad to present another interesting meetup, this time about security and software vulnerabilities: OWASP Dependency Checker!
OWASP Dependency Checker is a plugin developed to analyze possible vulnerabilities in software projects. To do so, it scans each and every dependency in the dependency tree and looks for any known vulnerabilities in the NIST database.
As output, it produces a report indicating whether our project is safe or contains some type of vulnerability, along with its criticality, so that we can make decisions about how to resolve it. In addition, the plugin can be automated in pipelines, which will do the work for us.
If any vulnerability is found, the pipeline will fail, so we will always have peace of mind and avoid merging any branch or deploying any artifact containing vulnerabilities.
In this meetup, we'll show how to use and configure the plugin in order to get the most out of it and keep our projects as secure as possible.
This presentation will be given by Ivan Perez, telecommunications systems engineer and a huge fan of technology. He currently works full time as a technical leader at Parser, where he tries to promote good practices in the world of software development and share everything he has learned during his professional career developing projects of all kinds, such as e-commerce, fintech... Apart from that, he is also a normal person who likes sports, DJing and travelling.
Hope to see you there!!!!
Media collaborator: Apium Hub