Introduction to OWASP depscan - The SCA Tool That Is Built To Forget - Prabhu Subramanian
Вставка
- Опубліковано 16 лис 2023
- Software composition analysis tools, both commercial and open source, have some problems. They are too noisy, constantly distracting developers and AppSec with needless pull requests and non-actionable alerts. In this talk, we introduce OWASP depscan, the SCA tool that is purpose-built to cut the noise, make security actionable, and help dev teams forget the tool even exists in their CI pipeline.
SPEAKER:
Prabhu Subramanian is the author and OWASP leader behind projects such as CycloneDX Generator (cdxgen) and depscan. He specializes in Supply Chain Security and offers consultancy to global clients via his company, AppThreat Ltd.
The slide deck of this talk can be downloaded here: github.com/OWASP/www-chapter-...
This talk was presented at the OWASP London Chapter meetup on November 16th, 2023 kindly hosted and sponsored by TikTok UK
#OWASP #OWASPLondon #depscan #SCA #SBOM - Наука та технологія
