Tuesday, August 3, 2021

Azure Devops - OWASP Dependency Check

https://marketplace.visualstudio.com/items?itemName=dependency-check.dependencycheck


OWASP Dependency Check

Dependency-Check is a software composition analysis utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently, Java and .NET are supported; additional experimental support has been added for Ruby, Node.js, Python, and limited support for C/C++ build systems (autoconf and cmake)


The OWASP Dependency Check Azure DevOps Extension enables the following features in an Azure Build Pipeline:

  • Software composition analysis runs against package references during build on both Windows and Linux build agents.

  • Export vulnerability data to HTML, JSON, XML, CSV, JUnit formatted reports

  • Download vulnerability reports from the build's artifacts

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass