Java Security: Open Source tools for use in CI/CD pipelines
Automate dependency analytics with GitHub Actions | Red Hat Developer
How to identify vulnerable dependencies in a Maven project | Nullbeans
LunaSec Dependency Vulnerability Scanning
OWASP Dependency Check for Vulnerability Reporting
New Google tool reveals dependencies for open source projects - Help Net Security
13 tools for checking the security risk of open-source dependencies
Index · Dependency scanning · Application security · User · Help · GitLab
Vulnerability Scanner: what is it and how does it work? | Snyk
Catching Vulnerabilities Instantly in Your IntelliJ IDEA Environment | The IntelliJ IDEA Blog
How to Analyze the OWASP Dependency-Check? | Argon Security - Holistic Security For Your CI/CD Pipeline
Find and Track the hidden vulnerabilities inside your dependencies (Julien Topçu) - YouTube
A quick guide to GitLab Dependency Scanning | GitLab
dependency-check – About
Vulnerability management in dependencies in CI / CD environments with Open Source tools | BBVA
Secure Software Supply Chain with GitHub Security Features
Detection, assessment and mitigation of vulnerabilities in open source dependencies | SpringerLink
Top vulnerability assessment and management best practices – Sysdig
Introducing the Open Source Insights Project | Google Open Source Blog
Catching Vulnerabilities Instantly in Your IntelliJ IDEA Environment | The IntelliJ IDEA Blog
maven - Why would Sonatype IQ scan report Guava vulnerability when 'mvn dependency:tree' does not show Guava at all? - Stack Overflow
Detecting vulnerable dependencies in IntelliJ IDEA | Vojtech Ruzicka's Programming Blog
Dependency Scanning | GitLab
A quick guide to GitLab Dependency Scanning | GitLab
New Google tool reveals dependencies for open source projects - Help Net Security
