OWASP Dependency-Track is an open source Software Composition Analysis (SCA) platform that allows organizations to identify and reduce the risk of known vulnerabilities in their software components. It automates the process of obtaining, analyzing, and monitoring software components and their associated vulnerabilities. By providing a centralized repository for all software components, it allows organizations to quickly and easily identify vulnerable components and take corrective action. The platform also provides intelligence on the highest risk components in an organization's software portfolio and allows for the automated enforcement of security policies. Additionally, it helps organizations to define their own custom rules, allowing them to identify new vulnerabilities that may not be known to the industry.
Black Duck Software
WhiteSource
FOSSA
OWASP Dependency-Track Comments
No Comments