Detecting Vulnerable Dependencies with Maven and the OWASP Dependency Check Plugin
On the one hand adding dependencies to a project is easy, on the other hand securing a project and checking for vulnerable dependencies is way harder. The OWASP dependency check plugin for Maven allows us to scan our project’s dependencies for know vulnerabilities. I will demonstrate its usage in the following short example. Figure 1. OWASP Vulnerability Report Dependencies We just need to add one plugin-dependency to our Mavenized project’s pom.xml. ...