Automatically Scan Your Project Dependencies for Vulnerabilities Using Docker, Jenkins (Part 1/2) by @jochenrui

by Jochen Rui | 3m | January 11th, 2022

Too Long; Didn't Read

The Open Web Application Security Project (OWASP) is a non-profit organisation working on improving the security of software. Dependency-Check is a Software Composition Analysis (SCA) tool that scans projects for publicly disclosed vulnerabilities. It scans the project for "evidence" that may lead to the identification of dependencies using the Common Platform Enumeration (CPE). The CPE basically acts as a mapping and helps to identify the dependencies in our project. In the next part I'll show you how to add a Dockerfile to run Dependency-Check on your existing project and how to use it as an automated step in your Jenkins pipeline.
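
The evidence-to-CPE mapping described above, as an added example that is not from the article and not Dependency-Check's own code: it matches vendor, product and version evidence against CPE 2.3 formatted strings and returns the advisories attached to each match. The package names, evidence values and advisory IDs are constructed, and the token-matching rule is an assumption made for illustration.

```python
import re

# Constructed CPE 2.3 entries mapped to placeholder advisory IDs (not real data).
KNOWN = {
    "cpe:2.3:a:examplecorp:fastparse:1.4.2:*:*:*:*:*:*:*": ["EXAMPLE-ADVISORY-0001"],
    "cpe:2.3:a:examplecorp:fastparse:*:*:*:*:*:*:*:*": ["EXAMPLE-ADVISORY-0002"],
    "cpe:2.3:a:othervendor:fastparse:1.4.2:*:*:*:*:*:*:*": ["EXAMPLE-ADVISORY-0003"],
}

def parse_cpe23(cpe):
    """Split a CPE 2.3 formatted string into (part, vendor, product, version)."""
    fields = re.split(r"(?<!\\):", cpe)  # a backslash-escaped colon is not a separator
    if len(fields) != 13 or fields[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    return tuple(f.lower() for f in fields[2:6])

def tokens(values):
    """Lower-case evidence strings and break them into word tokens."""
    out = set()
    for value in values:
        out.update(t for t in re.split(r"[^a-z0-9]+", value.lower()) if t)
    return out

def identify(evidence, known=KNOWN):
    """Return {cpe: advisories} for every entry the evidence supports."""
    vendors = tokens(evidence["vendor"])
    products = tokens(evidence["product"])
    versions = {v.lower() for v in evidence["version"]}
    hits = {}
    for cpe, advisories in known.items():
        _part, vendor, product, version = parse_cpe23(cpe)
        # Vendor AND product must both be supported by evidence; a product-name
        # match alone would wrongly pull in the "othervendor" entry.
        if vendor in vendors and product in products and (version == "*" or version in versions):
            hits[cpe] = advisories
    return hits

# Constructed evidence, as might be collected from a package manifest and file name.
EVIDENCE = {
    "vendor": ["com.examplecorp", "ExampleCorp Inc."],
    "product": ["fastparse", "fastparse-1.4.2.jar"],
    "version": ["1.4.2"],
}

if __name__ == "__main__":
    for cpe, advisories in identify(EVIDENCE).items():
        print(cpe, advisories)
```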
