January 26, 2018

Finding Vulnerable Open Source Packages

Finding Vulnerable Packages

Now that you understand what a known vulnerability is, let’s start going through the four steps needed to address them: find, fix, prevent, and respond.

The first step in solving any problem is acknowledging you have one! And so, with vulnerable packages, your first act should be to look for vulnerable packages your application is consuming. This chapter discusses how to test your application, when and how you should run such a test, and the nuances in running the test and interpreting the results.

Taxonomy

Before you start testing, let’s first discuss what you should anticipate seeing in the results.

Read more at O'Reilly

Click Here!