CRYPTOSOFT OWASP® DEPENDENCY-TRACK SERVICE
Our Service provides you with a reliable, scalable, private version of OWASP Dependency-Track with your own private persistent storage (Postgres database) in minutes. We will maintain and support the Service allowing you to focus your resources on higher value security analysis tasks.
Request a Demo
Integrations
Cryptosoft OWASP® Dependency-Track’s features
Security vulnerabilities
Dependency-Track identifies and prioritizes security vulnerabilities (CVEs) within your software components. It provides actionable insights with remediation steps and keeps you updated with continuous monitoring for newly discovered threats.
Open Source Software Licensing
Simplify open-source license management. Dependency-Track automatically identifies open-source components and provides detailed licensing information, reducing the risk of legal issues and ensuring compliance.
Understanding Dependencies in Your Code
Gain complete visibility into your software supply chain with Dependency-Track’s comprehensive dependency mapping. It helps identify outdated components, and reduces code bloat to optimize your software.
Compliance with Your Security Policy
Define custom security policies and leverage Dependency-Track’s automated checks to ensure your codebase adheres to your organization’s security standards. This streamlines audits, reduces manual work, and enforces secure development practices throughout your software lifecycle.
What is a software supply chain?
A software supply chain encompasses anything and everything that touches an application as it is being developed; the component code, how the components are connected, security, development processes, deployment processes, tools used etc. It is the end-to-end story of assets, processes and tools being used in the creation of a software product.
What is an SBOM?
A “software bill-of-materials” (SBOM) defines the complete inventory of software components and their dependencies in an application. It is defined in JSON text and follows a standard format. SBOMs have emerged as a key building block in software security and software supply chain risk management as they provide visibility into all the components in the chain and their dependencies.
What is OWASP Dependency-Track and why should I use it as part of my security strategy?
OWASP Dependency-Track (D-T) (https://owasp.org/www-project-dependency-track/) is an open source project that has been evolving since 2013. It is an intelligent component analysis platform that allows organizations to identify and reduce risk in the software supply chain by analyzing risks in SBOMs. D-T analyzes components used in the SBOM for security vulnerabilities, license compliance and software pedigree.
