dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renamed to vulnerablecomponents

Browse Source
This commit is contained in:
Àngel Ollé Blázquez
2022-07-30 22:41:26 +02:00
parent b93c935d6c
commit 256c1dd3aa
28 changed files with 24 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/main/resources/lessons/vulnerablecomponents/documentation/VulnerableComponents_plan.adoc Normal file
View File

@ -0,0 +1,17 @@
= Vulnerable Components
== Concept
The way we build software has changed. The open source community is maturing and the availability of open source software has become prolific without regard to determining the provenance of the libraries used in our applications. Ref: https://www.sonatype.com/hubfs/SSC/Software_Supply_Chain_Inforgraphic.pdf?t=1485298506170[Software Supply Chain]
This lesson will walk through the difficulties with managing dependent libraries, the risk of not managing those dependencies, and the difficulty in determining if you are at risk.
image::images/OpenSourceGrowing.png[caption="Figure: ", title="Software Supply Chain", alt="SSC", width="500", height="300", style="lesson-image" link="https://www.sonatype.com/hubfs/SSC/Software_Supply_Chain_Inforgraphic.pdf?t=1485298506170[Software Supply Chain"]
== Goals
* Gain awareness that the open source consumed is as important as your own custom code.
* Gain awareness of the management, or lack of management, in our open source component consumption.
* Understand the importance of a Bill of Materials in determining open source component risk