Top 4 Java Appsec Projects
- dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
I use ZAP [1] with the OAST add-on for this at the moment. I admit the UX isn't perfect, but it serves my purpose.
If I also want control over the responses (e.g. return a 401 status code for every fifth request), I have a custom extender script [2] for that.
To detect these types of vulnerabilities, we should first and foremost know our dependencies and versions, and which of them have vulnerabilities. The OWASP Top 10 2021 identifies this need as A06:2021-Vulnerable and Outdated Components. OWASP has several tools for this, including Dependency Check and Dependency Track. These tools will warn about the use of components with vulnerabilities.
Java Appsec related posts
- Dependency-Track
- Is there any news about 64 bit Steam?
- The SBOM Frenzy Is Premature
- CycloneDX SBom (Software Bill of material) Maven Demo
- 8 top SBOM tools to consider
- Dependency-Track
- Software Security: SQL Injection (Part 2)
Index
What are some of the best open-source Appsec projects in Java? This list will help you:
# | Project | Stars |
---|---|---|
1 | ZAP | 11,965 |
2 | dependency-track | 2,303 |
3 | VulnerableApp | 249 |
4 | sechub | 239 |