Dependency-Track

@DependencyTrack

Open Source Supply Chain Component Analysis Platform

Vrijeme pridruživanja: prosinac 2017.

Medijski sadržaj

  1. 16. pro 2019.

    Dependency-Track v3.7 now available. This release includes: - Support for internal components - Increased precision of CPE analysis - SVG badge improvements - Hex repo support for and - Bug fixes

  2. 14. lis 2019.

    The security team from has created a CLI client called “dtrack-audit”. It works similar to “npm audit” but, like Dependency-Track itself, is ecosystem agnostic. Use with to identify vulns at build.

  3. 28. ruj 2019.

    Dependency-Track v3.6 is now available. This release supports , performance improvements, detection of OS and hardware vulns, SVG badges, pub via webhooks, and more. Download: Change Log:

  4. 11. ruj 2019.

    Here’s a preview of our updated docs which have been greatly enhanced in preparation for the launch of v3.6. Oh, and we have badges!

  5. 10. ruj 2019.

    A VulnDB analyzer will be included in v3.6. This provides the ability to analyze components defined in a for known vulnerabilities. This capability is in addition to the VulnDB mirroring that’s already supported. The new analyzer doesn’t require a mirror. Works directly.

  6. 19. srp 2019.

    Check out the native integration between Dependency-Track and SSC including background info, setup, and general usage. Auditing static and component analysis results together is ideal for dev teams.

  7. 3. srp 2019.
    Odgovor korisniku/ci
  8. 6. lip 2019.

    Dependency-Track v3.5.0 is now available. This release is a major step forward with improvements to performance, reliability, and quality. Download: Change Log:

  9. 6. lip 2019.

    Today, we’re celebrating 100K Docker pulls. Since the project reboot 14 months ago, there have been 6 major releases (15 total), an active and engaging community, and growing adoption of as a viable alternative to traditional . Thank you. Also v3.5.0 is now available.

  10. 12. svi 2019.

    We will be incrementally supporting GitHub Package Registry starting with v3.6.

    Prikaži ovu nit
  11. 26. tra 2019.

    Our website just received an update and now includes an interactive animation showcasing how Dependency-Track approaches risk.

  12. 22. sij 2019.

    Dependency-Track plugin v2.1.0 released. New in this version is support for configurable Risk Gate Thresholds which can optionally put a job into an UNSTABLE or FAILED state depending on the number of findings for specific severities. Squashed a few bugs as well.

  13. 22. pro 2018.

    Dependency-Track v3.4 released! This release includes native support for and SSC, and repo support, and lots more. Download: Change Log:

  14. 6. pro 2018.

    The Dependency-Track Plugin for SSC has been published to the Fortify Marketplace. Grab it and get SSC prepared for integration when Dependency-Track v3.4 launches later this month.

  15. 29. stu 2018.

    Let us know what you’d like to see improved in Dependency-Track v3.5. See an enhancement (or bug) you want done. Upvote it. Help guide the projects direction. Also v3.4 is launching in December with four new integrations.

  16. 21. stu 2018.

    Check out our BOM-first approach to continuous component analysis (aka SCA) and see how your team can benefit from the

  17. 13. stu 2018.

    Jenkins plugin v2.0 released! This is a major milestone and has the ability to upload or BoMs and get actionable vulnerability intelligence directly in Jenkins. Requires Dependency-Track v3.3.1 (also released today)

  18. 10. stu 2018.
    Odgovor korisnicima

    lol, yeah, “Usable Security” is a thing.

  19. 8. stu 2018.

    Are you curious to find out what we’re working on or prototyping? Head over to our channel () and join the conversation. (Invite: ). We’re currently showing off a next-gen Jenkins plugin with async/sync scanning.

  20. 8. stu 2018.

    I added a video to a playlist Find and Track the hidden vulnerabilities inside your dependencies

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·