Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2020.1

...

OWASP dependency-check is an open source tool that scans Java and .NET projects and identifies the use of known vulnerable components. Parasoft OWASP Dependency Check Pack reads the results the OWASP dependency-check tool and performs the following actions:

...

reports vulnerabilities to Parasoft DTP in a standardized format. This enables DTP to present the data in widgets and to provide remediation paths for addressing the vulnerabilities. 

Vulnerabilities are reported in DTP as violations of the OWASP Top 10 2013 entry: A9 Using Components with Known Vulnerabilities guideline. When Merging the OWASP Dependency Check Pack data is merged with code analysis results from Parasoft Jtest or dotTEST , you are able to fully implement an enables the full implementation of your OWASP security compliance initiative.   

...