SonarCloud: OWASP Dependency-Check reports

Maarten Smeets April 11, 2021 Continuous Delivery, Cyber Security, DevOps, Java, SaaS No Comments

SonarCloud is a hosted SonarQube SaaS solution which helps you with code quality management. It is free to use for open source projects. You cannot install 3rd party plugins …

[Continue Reading...]

Java Security: Open Source tools for use in CI/CD pipelines

Maarten Smeets March 4, 2021 Containers, Cyber Security, Java, Testing No Comments

It is often expected of a DevOps team to also take security into consideration when delivering software. Often however, this does not get the attention it deserves. In this …

[Continue Reading...]

Jenkins Pipeline: SonarQube and the OWASP Dependency-Check

Maarten Smeets October 16, 2020 Continuous Delivery, Cyber Security, Java, Kubernetes No Comments

The OWASP Foundation plays an important role in helping to improve security of software worldwide. They have created a popular and well-known awareness document called the ‘OWASP Top 10‘. …

[Continue Reading...]

Tag: dependency-check