The Parasoft Security Bundle is a package tools for your DTP infrastructure that provides visibility into your security compliance efforts. The bundle includes the following tools.
The Parasoft Security Compliance Pack is a set of artifacts for your DTP infrastructure that help you implement your software security compliance initiatives. It includes configurations that re-orient static analysis data to report violations according to security compliance standards. It also includes widgets for viewing your security compliance status and custom compliance DTP dashboards for monitoring the progress toward your overall security compliance goals. The Security Compliance Pack supports the following standards by default:
Read the Security Compliance Pack documentation for installation and usage instructions.
Parasoft OWASP Dependency Check Pack helps you comply with the OWASP Top 10 2013 entry: A9 Using Components with Known Vulnerabilities guideline. It reads the results the third-party OWASP dependency-check tool and performs the following actions:
Vulnerabilities are reported in DTP as violations of the OWASP Top 10 2013 entry: A9 Using Components with Known Vulnerabilities guideline. DTP merges the data from OWASP Dependency Check Pack and code analysis results from Parasoft Jtest or dotTEST to fully implement an OWASP security compliance initiative.
Read the OWASP Dependency Check Pack documentation for installation and usage instructions.