From a89af4f6a91f9be41facfaf9a29b41aa2eb9886a Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Fri, 5 Jun 2015 07:03:15 -0400 Subject: [PATCH] fixed links --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index 6d03f0227..f4a9eac16 100644 --- a/index.html +++ b/index.html @@ -206,15 +206,15 @@

About

-

OWASP dependency-check is an open source solution the OWASP Top 10 2013 entry: A9 - Using Components with Known Vulnerabilities. Dependency-check can currently be used to scan Java applications (and their dependent libraries) to identify known vulnerable components.

+

OWASP dependency-check is an open source solution the OWASP Top 10 2013 entry: A9 - Using Components with Known Vulnerabilities. Dependency-check can currently be used to scan Java, .NET, and Python applications (and their dependent libraries) to identify known vulnerable components.

The problem with using known vulnerable components was covered in a paper by Jeff Williams and Arshan Dabirsiaghi titled, “The Unfortunate Reality of Insecure Libraries” (registration required). The gist of the paper is that we as a development community include third party libraries in our applications that contain well known published vulnerabilities (such as those at the National Vulnerability Database).

More information about dependency-check can be found here: