Bring your software development workflows to security
Modern applications rely on many external dependencies, which help developers build software components faster. But relying on open source software also presents a security risk. New security vulnerabilities are published on a regular basis, and keeping track of them and knowing how to fix them can be painful.
Sqreen centralizes published vulnerabilities from many different security groups and newsletters. When this plugin is enabled, Sqreen checks the application's declared list of dependencies for known vulnerabilities.
If a vulnerability is detected, Sqreen will suggest the version to update to.
When the application starts, Sqreen will retrieve the list of dependencies the application requires. It will send it to Sqreen’s backend, and the list will be compared with an internally maintained list of known vulnerabilities.
Every time a new vulnerability is disclosed, this plugin will look for it among your dependencies.
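The comparison step described above, a declared dependency list checked against a list of known vulnerabilities with a suggested version to update to, can be sketched as follows. This is an added example, not Sqreen's code or data: the package names, advisory identifiers, version ranges and function names are all constructed, and versions are assumed to be plain dotted numbers of equal length.

```python
from typing import NamedTuple

def parse_version(text):
    """Turn '1.10.0' into (1, 10, 0) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

class Advisory(NamedTuple):
    package: str
    advisory_id: str   # constructed placeholder identifier
    introduced: str    # first affected version (inclusive)
    fixed: str         # first version containing the fix (exclusive)

    def affects(self, version):
        return parse_version(self.introduced) <= version < parse_version(self.fixed)

# Constructed advisory list standing in for a backend's vulnerability database.
ADVISORIES = [
    Advisory("examplelib", "EXAMPLE-0001", "1.0.0", "1.4.2"),
    Advisory("examplelib", "EXAMPLE-0002", "1.2.0", "1.5.0"),
    Advisory("examplelib", "EXAMPLE-0004", "1.5.0", "1.5.3"),  # flaw added in 1.5.0
    Advisory("otherlib", "EXAMPLE-0003", "2.0.0", "2.0.9"),
]

# Constructed dependency list, as an application might declare it at startup.
DECLARED = {"examplelib": "1.3.0", "otherlib": "2.1.0", "safelib": "1.10.0"}

def check_dependencies(dependencies, advisories=ADVISORIES):
    """Return {package: finding} for every dependency hit by an advisory."""
    findings = {}
    for name, installed in dependencies.items():
        relevant = [a for a in advisories if a.package == name]
        version = parse_version(installed)
        matched = [a for a in relevant if a.affects(version)]
        if not matched:
            continue
        # Move the target past every advisory it still falls under, so the
        # suggested version is not itself affected by a later flaw.
        target = version
        while True:
            hits = [a for a in relevant if a.affects(target)]
            if not hits:
                break
            target = max(parse_version(a.fixed) for a in hits)
        findings[name] = {
            "installed": installed,
            "advisories": sorted(a.advisory_id for a in matched),
            "update_to": ".".join(str(part) for part in target),
        }
    return findings

if __name__ == "__main__":
    for package, finding in check_dependencies(DECLARED).items():
        print(package, finding)
```

Re-running the same check against the stored dependency list whenever the advisory list changes covers the case of a vulnerability disclosed after the application has started.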