• What we'll do
Abstract: Java applications built today use several third-party libraries and frameworks. We depend on these building blocks so we can build applications faster. However, if one of the libraries we depend on has a known, published vulnerability, then our application may have inherited that vulnerability. This session covers the OWASP Dependency-Check project. It discusses how the tool works and how you can integrate it into your application build process to validate whether or not your application is using known vulnerable libraries.
Bio: Jeremy Long is a principal engineer at a large financial institution. He specializes in securing the SDLC via secure coding training, security requirements and coding standards, tooling for early identification in build pipelines, etc. He has a deep understanding of static analysis and has created and customized automated tools to both decrease assessment time and increase quality. Jeremy is the founder and project lead for the OWASP dependency-check project.