Sonatype DepShield Finds Open Source Code Vulnerabilities

by Developer.com Staff

The tool can help DevSecOps teams find security issues early in enterprise application development processes.

Sonatype has released DepShield, a new GitHub application that monitors projects and flags security vulnerabilities. It also compiles a list of known vulnerabilities based on GitHub's Issue Tracker.

“The need for more secure coding practices has never been greater,” said Wayne Jackson, CEO of Sonatype. “Developers live, eat and breathe in GitHub. While developers find value in GitHub’s native dependency graph, they need, and are demanding, more self-help security. With DepShield, we’re enabling 28 million developers to add an initial layer of defense, to not only help protect their software projects, but the millions of enterprises, organizations and individuals who will use their code down the road.”

View article

This article was originally published on Wednesday Aug 15th 2018
Mobile Site | Full Site