D
Dependency Scanning
Dependency scanning identifies known vulnerabilities in the third-party libraries and packages an application depends on, including the transitive dependencies those packages pull in.
What is Dependency Scanning?
Dependency scanning automatically identifies known vulnerabilities in the third-party libraries, frameworks, and packages an application uses. A scanner reads the project's manifest or lockfile (package.json, requirements.txt, go.mod, pom.xml and the like), resolves the full set of installed packages and versions, and matches each against a vulnerability database such as the NVD, GitHub Advisory Database or OSV. Because it runs on every build or pull request, it surfaces newly published advisories against already-shipped code and enables proactive remediation, usually by upgrading to the first fixed version. Scanning the lockfile rather than the manifest matters: the manifest states what was asked for, the lockfile records what actually runs.
Dependency Scanning Tools
- Dependabot: built into GitHub; raises pull requests that bump vulnerable or outdated dependencies
- Snyk: commercial software composition analysis with its own curated vulnerability database and CLI/CI integrations
- OWASP Dependency-Check: open-source scanner that matches identified components against the NVD
- npm audit: built into the npm CLI; checks package-lock.json against the GitHub Advisory Database
- pip-audit: Python scanner that checks installed packages or requirements files against the PyPI advisory feed via OSV
Common Misconceptions
- "Only direct dependencies matter" - Transitive dependencies, the packages your packages pull in, typically make up most of the dependency tree and are exploitable in exactly the same way; a scanner must resolve the whole graph, and a finding should be traced back to the direct dependency whose upgrade fixes it
- "No CVE means safe" - New vulnerabilities are published daily, and plenty never get a CVE at all, so a clean scan describes what was known at scan time and must be re-run continuously, not just once at release
- "Update everything immediately" - A clean scan is the goal, but remediation should be risk-based: fix known-exploited and high-severity findings in reachable code first, and schedule the rest, since blind upgrades can introduce breaking changes or a compromised newer release
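The following is an added example, not code from the page or from any of the tools named above. It implements the core of a dependency scanner in a few dozen lines to make the first and third misconceptions concrete: it resolves a transitive dependency graph, matches each resolved version against an advisory feed, records the path from the direct dependency that pulled in each vulnerable package, and ranks findings by known exploitation and then severity. Every package name, version, advisory ID and score below is constructed for illustration and refers to no real project or CVE.

```python
"""Minimal dependency scanner: transitive resolution + risk-based ranking.

All packages, versions and advisories are CONSTRUCTED sample data for the
example; they do not refer to real projects, real CVEs or real scores.
"""
from collections import deque
from typing import Dict, List, Tuple

# Constructed: what the application's manifest declares directly.
DIRECT: Dict[str, str] = {"webapp-framework": "2.1.0", "image-lib": "3.0.2"}

# Constructed: the resolved graph as a lockfile would record it,
# package -> {dependency: pinned version}.
GRAPH: Dict[str, Dict[str, str]] = {
    "webapp-framework": {"http-client": "1.4.2", "yaml-parser": "5.3.1"},
    "http-client": {"url-utils": "0.9.0"},
    "image-lib": {},
    "yaml-parser": {},
    "url-utils": {},
}

# Constructed advisory feed. "affected" lists (op, version) constraints that
# must all hold for an installed version to be vulnerable.
ADVISORIES: List[dict] = [
    {"id": "ADV-0001", "package": "yaml-parser", "affected": [("<", "5.4.0")],
     "fixed": "5.4.0", "cvss": 9.8, "exploited": True},
    {"id": "ADV-0002", "package": "image-lib",
     "affected": [(">=", "3.0.0"), ("<", "3.1.0")],
     "fixed": "3.1.0", "cvss": 7.5, "exploited": False},
    {"id": "ADV-0003", "package": "url-utils", "affected": [("<", "0.8.0")],
     "fixed": "0.8.0", "cvss": 5.3, "exploited": False},  # 0.9.0 is not affected
    {"id": "ADV-0004", "package": "http-client", "affected": [("<", "1.5.0")],
     "fixed": "1.5.0", "cvss": 6.1, "exploited": False},
]

OPS = {"<": lambda a, b: a < b, "<=": lambda a, b: a <= b,
       ">": lambda a, b: a > b, ">=": lambda a, b: a >= b,
       "==": lambda a, b: a == b}


def parse_version(v: str) -> Tuple[int, ...]:
    """Dotted numeric versions only; real scanners must also handle
    pre-release tags and ecosystem-specific ordering rules."""
    return tuple(int(part) for part in v.split("."))


def is_affected(installed: str, constraints: List[Tuple[str, str]]) -> bool:
    iv = parse_version(installed)
    return all(OPS[op](iv, parse_version(bound)) for op, bound in constraints)


def resolve(direct: Dict[str, str], graph: Dict[str, Dict[str, str]]):
    """Breadth-first walk from the direct dependencies.
    Returns package -> (version, path), where path starts at the direct
    dependency that pulled the package in; that is what remediation needs."""
    resolved = {}
    queue = deque((name, ver, [name]) for name, ver in direct.items())
    while queue:
        name, ver, path = queue.popleft()
        if name in resolved:  # already reached by a shorter path
            continue
        resolved[name] = (ver, path)
        for dep, dep_ver in graph.get(name, {}).items():
            queue.append((dep, dep_ver, path + [dep]))
    return resolved


def scan(resolved, advisories: List[dict]) -> List[dict]:
    """Match every resolved package, direct or transitive, against the feed."""
    findings = []
    for adv in advisories:
        pkg = adv["package"]
        if pkg not in resolved:
            continue
        ver, path = resolved[pkg]
        if is_affected(ver, adv["affected"]):
            findings.append({"id": adv["id"], "package": pkg, "installed": ver,
                             "fixed": adv["fixed"], "cvss": adv["cvss"],
                             "exploited": adv["exploited"],
                             "transitive": len(path) > 1,
                             "path": " -> ".join(path)})
    return findings


def prioritize(findings: List[dict]) -> List[dict]:
    """Known-exploited findings first, then by CVSS descending. A production
    policy would also weigh reachability and exposure, which this demo lacks."""
    return sorted(findings, key=lambda f: (not f["exploited"], -f["cvss"]))


if __name__ == "__main__":
    for f in prioritize(scan(resolve(DIRECT, GRAPH), ADVISORIES)):
        kind = "transitive" if f["transitive"] else "direct"
        print(f"{f['id']} {f['package']} {f['installed']} -> {f['fixed']} "
              f"cvss={f['cvss']} exploited={f['exploited']} ({kind}: {f['path']})")
```

Running it reports three findings: the exploited yaml-parser issue first even though it is two hops away from anything the manifest declares, then the direct image-lib issue, then the lower-scored http-client issue; url-utils 0.9.0 is correctly not flagged because it is above the fixed version. Real scanners do the same matching with far more careful version semantics per ecosystem, which is why name-and-version matching against an advisory feed produces both false positives and false negatives and why results still need a human to confirm reachability before a "critical" label drives an emergency upgrade.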