1 comment

[ 2.6 ms ] story [ 13.4 ms ] thread
Submitting it due to the latest Log4J vuln, should go hand in hand with OWASP DepTrack https://dependencytrack.org/ combined they provide pretty much the best SCA experience there is OWASP DepTrack has excellent UI and is enterprise ready with OIDC/SSO support to boot.

This is by far the best OWASP project so far and I dare say the best FOSS security project I’ve seen rivaling and beating pretty much every commercial tool out there.