-
Dependency-Track Retweeted
OWASP @DependencyTrack now flags available @hexpm package updates. Find the necessary tooling for Mix and Rebar3 projects here https://hex.pm/packages?search=sbom … pic.twitter.com/HMeAAv5GAx
-
Dependency-Track v3.7.1 is now available. This release is highly recommended for organizations with a large number of projects or components in their portfolio. https://docs.dependencytrack.org/changelog/
-
Dependency-Track Retweeted
Looking to improve #SoftwareSupplyChain security in 2020? Consider #SBOM. As @allanfriedman points out, it “will be one of THE big cybersecurity issues of 2020”. Also, thread for acknowledging contributors helping to educate and deliver SBOM info and tools. Let’s do this https://twitter.com/allanfriedman/status/1212052097870581761 …
-
Dependency-Track Retweeted
If you’re into #SoftwareSupplyChain and want to join a #hackathon where you’re using comply-to-connect to retrieve #CycloneDX or #SPDX SBOMs and real-time analysis, this could be a lot of fun. Info: https://github.com/oasis-tcs/openc2-usecases/tree/master/Cybercom-Plugfest … #SBOM Details: https://github.com/oasis-tcs/openc2-usecases/blob/master/Cybercom-Plugfest/sbom-github.md … #HappyHacking https://twitter.com/MdMisi/status/1207254237178138625 …
-
Interested in Software Bill-of-Materials but don’t know where to start? Check out #OWASP Dependency-Track, an open source tool that consumes and analyzes #SBOM’s to identify risk in apps, assets, or devices across an org. https://dependencytrack.org/ #SoftwareSupplyChain
-
If you or your organization uses Dependency-Track, consider providing us a bit of feedback and let us know why you’ve chosen to adopt Dependency-Track. Cue the one-question survey… https://www.surveymonkey.com/r/DHYMRT9 Feedback appreciated and anonymous.
-
Dependency-Track Retweeted
An initial version of CycloneDX for #PHP Composer has been published to #Packagist https://packagist.org/packages/cyclonedx/cyclonedx-php-composer … Special thanks to @nscur0 for contributing all the code to make this possible. Feedback encouraged prior to release. #SBOM #SoftwareSupplyChain #SCRM
-
Dependency-Track Retweeted
#Erlang and #ElixirLang community rejoice. @voltonez has created two CycloneDX build tools that create Software Bill-of-Materials from existing projects. Mix Task: https://hex.pm/packages/sbom Rebar3: https://hex.pm/packages/rebar3_sbom … #SBOM #SoftwareSupplyChain #SCRM
-
Dependency-Track Retweeted
The Slides
http://slides.com/julientopcu/how-to-get-properly-hacked#/ …
The Repository
https://gitlab.com/crafts-records/pangloss …
If you want to set up @DependencyTrack, you can take a look at the talk I gave at @devoxx last year on that topic https://youtu.be/UrsjeR-tGrg
-
Dependency-Track Jenkins plugin v2.2.0 is now available. New in this release is support for trending charts for pipeline jobs and project lookups by name and version for synchronous jobs. Requires Dependency-Track v3.6.0 or higher for project lookup functionality.
-
All CI builds have moved from travis-ci to GitHub Actions. Build status badges have been updated to reflect this change. Building from commits and pull requests will now take place all within GitHub.
-
Dependency-Track Retweeted
And if you want to set up @DependencyTrack, here is the video of my talk on the subject at #DevFestNantes https://youtu.be/barK5AmxpT8
-
The security team from @Ozon_ru has created a CLI client called “dtrack-audit”. It works similar to “npm audit” but, like Dependency-Track itself, is ecosystem agnostic. Use with #CycloneDX to identify vulns at build. https://github.com/ozonru/dtrack-audit … #opensource #sbom #appsec #owasp pic.twitter.com/T3xOfkd4rY
-
#OWASP Dependency-Track v3.6 is now available. This release supports #VulnDB, performance improvements, detection of OS and hardware vulns, SVG badges, #SBOM pub via webhooks, and more. Download: https://dependencytrack.org/ Change Log: https://docs.dependencytrack.org/changelog/ #AppSec #DevSecOps pic.twitter.com/iHVSH3rtcd
-
Dependency-Track Retweeted
Just hooked up @DependencyTrack to automatically create bug reports in #AzureDevOps for vulnerabilities. So easy with #AzureLogicApps and the Dependency Track web hook notification option.
-
Here’s a preview of our updated docs which have been greatly enhanced in preparation for the launch of v3.6. Oh, and we have badges! pic.twitter.com/bnhwVaF1qy
-
Dependency-Track Retweeted
I’ll be around #GlobalAppsec this afternoon. If anyone would like to talk about #SBoM and software transparency, please reach out / share this.
-
A VulnDB analyzer will be included in v3.6. This provides the ability to analyze components defined in a #SBOM for known vulnerabilities. This capability is in addition to the VulnDB mirroring that’s already supported. The new analyzer doesn’t require a mirror. Works directly. pic.twitter.com/6jvsMVUfPh
-
Dependency-Track was recently evaluated against commercial vendors in a private #SCA bakeoff. Hear from Steve Springett as he dives into his expectations for software supply-chain component analysis, the maturity of the SCA industry, and #SBOM and #SoftwareTransparency. https://twitter.com/edgeroute/status/1166818739842637824 …
-
Dependency-Track Retweeted
I’m pleased to announce a new #OWASP doc project for software #supplychain maturity. The OWASP Software Component Verification Standard (SCVS). This project aims to normalize component analysis capabilities and concerns. It’s incubating. https://www.owasp.org/index.php/OWASP_Software_Component_Verification_Standard …