Dependency Management
Premium roomLearn about the security concerns regarding dependency management in the automated DevOps pipeline.
easy
120 min
10,054
To access material, start machines and answer questions login.
It is very uncommon in modern times to find an application written completely from scratch. Furthermore, writing it completely from scratch is probably a bad idea since you will most likely introduce vulnerabilities by trying to reinvent the wheel. Instead, modern applications make extensive use of libraries and Software Development Kits (SDKs) that assist with the basic (and sometimes complex) features of the application, allowing the developer to focus purely on the key features and functionality of the application.
These libraries and SDKs are called dependencies since our application depends on them. While dependencies make our lives a lot easier, they have to be securely managed since they now form part of the overall attack surface of the application. In this room, we will learn about security concepts associated with dependency management and show how a specific dependency management issue can be exploited by an attacker.
Learning Objectives
This room will teach you about the following concepts:
- Security principles of dependency management
- Securing external and internal dependencies
- attacks
Ready to learn Cyber Security?
The Dependency Management room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in