Automating Vulnerability Detection

In this lesson, we will explore a few tools that automatically detect vulnerabilities in source code, including the OWASP Dependency-Check tool.

OWASP Dependency-Check

OWASP has a free, open-source tool called Dependency-Check that can help automate the detection of vulnerable third-party libraries. This tool supports Java and .NET, with experimental support for Ruby, Node.js, Python, and C/C++ codebases. One of the nice features of this tool is that it can parse project files that you probably already use for managing your ...