Hi,
i have a question. In my firm we try to stay secure with in house
application.
We create list of all aplication depedencies with version. Here is my
problem - how to check if they are secure.
How u do that in your jobs?
Thanks for information
Best Whishes
Lukasz Demczuk
Hello Lukasz,
Could you describe your application a bit in detail so that we might be
able to answer you specifically with respect to your need.
On Wed, May 15, 2013 at 8:46 PM, Łukasz Demczuk mamut1609@gmail.com wrote:
Hi,
i have a question. In my firm we try to stay secure with in house
application.
We create list of all aplication depedencies with version. Here is my
problem - how to check if they are secure.
How u do that in your jobs?
Thanks for information
Best Whishes
Lukasz Demczuk
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
--
Regards
Aditya Balapure
If you're building in Java then you could use the Victims database: http://securityblog.redhat.com/2013/01/02/detecting-vulnerable-java-dependencies-at-build-time/
Comes with a maven plugin too.
regards,
Stephen
On 15 May 2013, at 17:16, Łukasz Demczuk wrote:
Hi,
i have a question. In my firm we try to stay secure with in house application.
We create list of all aplication depedencies with version. Here is my problem - how to check if they are secure.
How u do that in your jobs?
Thanks for information
Best Whishes
Lukasz Demczuk
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
Thx stephen this one of programing language i needed. Second is c++ any
sugestion for that?
Stephen u make my day :)
Best whishes
demczuk lukasz
15 maj 2013 18:18, "Stephen de Vries" stephendv@gmail.com napisał(a):
If you're building in Java then you could use the Victims database:
http://securityblog.redhat.com/2013/01/02/detecting-vulnerable-java-dependencies-at-build-time/
Comes with a maven plugin too.
regards,
Stephen
On 15 May 2013, at 17:16, Łukasz Demczuk wrote:
Hi,
i have a question. In my firm we try to stay secure with in house
application.
We create list of all aplication depedencies with version. Here is my
problem - how to check if they are secure.
How u do that in your jobs?
Thanks for information
Best Whishes
Lukasz Demczuk
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
Java - https://github.com/jeremylong/DependencyCheck
Ruby on Rails - https://github.com/postmodern/bundler-audit
HTH
cktricky
On Wed, May 15, 2013 at 12:18 PM, Stephen de Vries stephendv@gmail.comwrote:
If you're building in Java then you could use the Victims database:
http://securityblog.redhat.com/2013/01/02/detecting-vulnerable-java-dependencies-at-build-time/
Comes with a maven plugin too.
regards,
Stephen
On 15 May 2013, at 17:16, Łukasz Demczuk wrote:
Hi,
i have a question. In my firm we try to stay secure with in house
application.
We create list of all aplication depedencies with version. Here is my
problem - how to check if they are secure.
How u do that in your jobs?
Thanks for information
Best Whishes
Lukasz Demczuk
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org