Quick Clip: Maximize Your Dependency Knowledge with Deepfactor

Transcript:

When we look at dependencies, we can see the dependencies that are broken down. So here we see the vulnerable dependencies. We get the CVE number. We see what the dependency is. We get the CVSS version three and version two scores. And then, if you expand this, we actually give you a lot more information. So there’s a lot of references that you can click on. It’ll take you out to some more detailed information. And these, on the first tab, are just the vulnerable dependencies that exist within the application.

Now, earlier I mentioned, we also collect all the dependency information. So here you can see all the vulnerable dependencies, rather all the dependencies that are imported by this particular application. So here, you can see things like what was the type of application, what’s the version of the dependency, the license associated to that particular dependency, as well as the vulnerability. So we rate it from critical, down to low.