Twitter | Pretraživanje | |
Dependency-Track
Open Source Supply Chain Component Analysis Platform
296
Tweetovi
28
Pratim
496
Osobe koje vas prate
Tweetovi
Dependency-Track proslijedio/la je tweet
Bram Verburg 23. sij
OWASP now flags available package updates. Find the necessary tooling for Mix and Rebar3 projects here
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 7. sij
Dependency-Track v3.7.1 is now available. This release is highly recommend for organizations with a large number of projects or components in their portfolio.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Steve Springett 31. pro
Looking to improve security in 2020? Consider . As points out, it “will be one of THE big cybersecurity issues of 2020”. Also, thread for acknowledging contributors helping to educate and deliver SBOM info and tools. Let’s do this
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Steve Springett 19. pro
If you’re into and want to join a where you’re using comply-to-connect to retrieve or SBOMs and real-time analysis, this could be a lot of fun. Info: Details:
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 16. pro
Dependency-Track v3.7 now available. This release includes: - Support for internal components - Increased precision of CPE analysis - SVG badge improvements - Hex repo support for and - Bug fixes
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 9. pro
Interested in Software Bill-of-Materials but don’t know where to start? Check out Dependency-Track, an open source tool that consumes and analyzes ’s to identify risk in apps, assets, or devices across an org.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 22. stu
If you or your organization uses Dependency-Track, consider providing us a bit of feedback and let us know why you’ve chosen to adopt Dependency-Track. Queue the one question survey… Feedback appreciated and anonymous.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
CycloneDX SBOM Spec 20. stu
An initial version of CycloneDX for Composer has been published to Special thanks to for contributing all the code to make this possible. Feedback encouraged prior to release.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
CycloneDX SBOM Spec 20. stu
and community rejoice. has created two CycloneDX build tools that create Software Bill-of-Materials from existing projects. Mix Task: Rebar3:
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Julien Topçu 12. stu
Odgovor korisniku/ci @DependencyTrack @Devoxx
The Slides 📺 The Repository ♨️ If you want to set up , you can take a look at the talk I gave at last year on that topic
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 4. stu
Dependency-Track Jenkins plugin v2.2.0 is now available. New in this release is support for trending charts for pipeline jobs and project lookups by name and version for synchronous jobs. Requires Dependency-Track v3.6.0 or higher for project lookup functionality.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 27. lis
All CI builds have moved from travis-ci to GitHub Actions. Build status badges have been updated to reflect this change. Building from commits and pull requests will now take place all within GitHub.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Julien Topçu 22. lis
Odgovor korisniku/ci @DependencyTrack
Et si vous voulez mettre en place , voici la vidéo de mon talk sur le sujet l'année au
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 14. lis
The security team from has created a CLI client called “dtrack-audit”. It works similar to “npm audit” but, like Dependency-Track itself, is ecosystem agnostic. Use with to identify vulns at build.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 29. ruj
Dependency-Track v3.6 is now available. This release supports , performance improvements, detection of OS and hardware vulns, SVG badges, pub via webhooks, and more. Download: Change Log:
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Patrick Dwyer 23. ruj
Just hooked up to automatically create bug reports in for vulnerabilities. So easy with and the Dependency Track web hook notification option.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 12. ruj
Here’s a preview of our updated docs which have been greatly enhanced in preparation for the launch of v3.6. Oh, and we have badges!
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track proslijedio/la je tweet
Allan Friedman will be missing Shmoo this year 11. ruj
I’ll be around this afternoon. If anyone would like to talk about and software transparency—please reach out / share this.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 10. ruj
A VulnDB analyzer will be included in v3.6. This provides the ability to analyze components defined in a for known vulnerabilities. This capability is in addition to the VulnDB mirroring that’s already supported. The new analyzer doesn’t require a mirror. Works directly.
Reply Retweet Označi sa "sviđa mi se"
Dependency-Track 28. kol
Dependency-Track was recently evaluated against commercial vendors in a private bakeoff. Hear from Steve Springett as he dives into his expectations for software supply-chain component analysis, the maturity of the SCA industry, and and .
Reply Retweet Označi sa "sviđa mi se"