Recently we did a lot of security improvements on all our sites it was long needed and we want to have state of the art security on our websites.
As part of our security projects we went over all of our maven dependencies, cross checked them against vulnerability databases and updated most of them. It’s pointless to have secured app if you are running XML parsing library that allows remote code execution.
This process was very time consuming and not easily repeatable. So I started looking for way to automate it, that way we can check all our dependencies with each release, weekly or daily.Read More