OWASP dependency check on GitLab.com - JDriven Blog
Vulnerability Scanning at Palantir | Palantir Blog
How to Fix SCA Vulnerabilities for Maven Projects | by Gerald Nguyen | Level Up Coding
Can SonarQube detect code that used the Log4J2 in a way that is vulnerable? - SonarQube - Sonar Community
Java Security: Open Source tools for use in CI/CD pipelines
Google Tsunami vulnerability scanner is now open-source
Catching Vulnerabilities Instantly in Your IntelliJ IDEA Environment | The IntelliJ IDEA Blog
Dealing with Java CVEs: Discovery, Detection, Analysis, and Resolution
How to Use OWASP Vulnerabilities Scan Tool?
Snyk | Developer security | Develop fast. Stay secure. | Snyk
5 Java Scanning Tools Comparation - Which is the best tool?
OWASP Vulnerability Checks With Maven | by Nassos Michas | ITNEXT
Finding vulnerabilities in third party libraries – Dominik Schadow
Java Vulnerability Scanner - SOOS
HOW CAN THE OWASP DEPENDENCY TRACKER BE USED TO IMPROVE THE APPLICATION SECURITY LIFECYCLE? | Briskinfosec
Detecting Vulnerable Dependencies with Maven and the OWASP Dependency Check Plugin | hasCode.com
OWASP - Dependency Check | PPT
Vulnerable Dependencies tool window - JetBrains Guide
Automate dependency analytics with GitHub Actions | Red Hat Developer
How are compile dependencies handled in dependency management? · Issue #4036 · jeremylong/DependencyCheck · GitHub
Android Security: Scanning your app for known vulnerabilities | by Matthew Dolan | Medium
How to Check if a Java Project Depends on A Vulnerable Version of Log4j - DZone
Vulnerability scanning for enhanced Java security. | BellSoft Java
Snyk Security - Code, Open Source, Container, IaC Configurations - IntelliJ IDEs Plugin | Marketplace
Java Security: Open Source tools for use in CI/CD pipelines
How to efficiently handle Java application vulnerabilities without hassle | by Gavin Fong | Medium
Using OWASP Dependency Check to scan a Vue app – Dev Notes
The little-known side of vulnerabilities in open source dependencies of applications | SAP Blogs
13 tools for checking the security risk of open-source dependencies
