Open Source SBOM Analysis Platform. Reduce Supply Chain Risk. #OWASP #SBOM #SaaSBOM #HBOM #VEX #SoftwareSupplyChain infosec.exchange/@Dependency…

Joined December 2017
OWASP Dependency-Track 5.0 is GA, built for enterprise scale: early adopters ingested 20K SBOMs/hour and ran single instances with 250K projects and 2M components. Now with horizontal HA, crash safe processing, and supply chain integrity checks. dependencytrack.org/ #SBOM
We're honored that @defectdojo has chosen Dependency-Track as one of the top #opensource tools in the #SCA category this year. Here's the press release with all the other great tools on the list. businesswire.com/news/home/2… #SBOM #CycloneDX #OWASP
Dependency-Track retweeted
Today, I attended a session on @DependencyTrack, where an interesting case study on @monzo Bank was presented by Michael Macnair. It highlighted how they transitioned from a traditional security approach to a more SBOM-driven software supply chain security model.
Monzo Bank's Journey to Software Supply Chain Security with SBOMs & Dependency-Track
🔍 Old Approach:
• No SBOM (Software Bill of Materials) generation.
• Security scans were done using proprietary scanners and in-house tools directly on the code.
🚀 New Approach:
• Started generating SBOMs using tools like Syft.
• Pushed these SBOMs to Dependency-Track, a popular SBOM management platform.
• Leveraged SBOM-driven security analysis for better visibility and risk management.
This shift not only improved their security posture but also helped them step into the world of modern software supply chain security, keeping an eye on their third-party components' vulnerabilities, which was lacking in the old architecture. This case study is a great example of how organizations can move beyond traditional scanning and embrace SBOMs for a more structured and proactive approach to security. What are your thoughts on this transformation? Have you seen similar shifts in your organization, or are you still waiting to shift? Let’s discuss! 🔍💡 Thanks to Michael Macnair for sharing... #OWASP #OpenSource #CyberSecurity #SBOM #CycloneDX #DependencyTrack #SoftwareSupplyChainSecurity
Join our community meeting next Wednesday, 2nd April at 4-5PM UTC for a presentation from our friends at #Monzo Bank! Learn how they replaced a proprietary vulnerability scanner with #CycloneDX #SBOMs & DT. Calendar: dub.sh/dtcalendar Zoom: dub.sh/dtzoom
Dependency-Track retweeted
OWASP Members change the world. Your membership helps shape the organization and drives our projects and community. If you are not a member or are due for renewal within 60 days, please join or renew today and get 10-25% off! owasp.org/membership > Memberships > Apply
The team decided to skip this month’s community meeting, which was originally scheduled for tomorrow (Nov. 6th). Since the last meeting, we released version 4.12.1 (docs.dependencytrack.org/cha…). We’re aiming to release 4.12.2 in about a week’s time.
As a reminder, you can watch the recordings, and access the slides, of all previous meetings here: github.com/DependencyTrack/c… The next community meeting will take place as per usual schedule on December 4th. See you there!
Dependency-Track retweeted
.@DependencyTrack is an open-source component analysis platform with a UI #madewithvuejs that helps you to identify & reduce risk in your software supply chain 🔍️ - madewithvuejs.com/dependency…
Dependency-Track retweeted
Fantastic news for @QuarkusIO users! It's now easier than ever to generate accurate CycloneDX SBOMs for your applications. Massive kudos to the Quarkus team for the thoughtful and developer-friendly implementation!
12 Sep 2024
We released Quarkus 3.14.3 with some additional bugfixes and a new feature: SBOM generation. We don't usually add new features in micro but this is part of the preparation for our upcoming 3.15 LTS release. buff.ly/3B1Wr7G
With the upcoming community meeting on Sept 4th, we're switching from WebEx to @owasp's Zoom. The calendar invite was updated accordingly. If you imported the invite to a calendar app, please verify whether the Zoom details are present, and re-import the invite if they're not.
As usual, you can find the invite in the OWASP Software Supply Chain Community Calendar: calendar.google.com/calendar…
We'd like to take this opportunity to thank the team at @IBM around Melba Lopez and Caroline Lee, who generously hosted all previous community meetings on their WebEx account. Thanks so much!
Couldn’t attend this week’s Dependency-Track community meeting? We’ve got the recording. @nscur0 leads us through the project roadmap. We also have special guests from the CycloneDX #cryptography working group presenting #CBOM. Don’t miss it. youtube.com/watch?v=0WPvVCRy…
Dependency-Track retweeted
CBOMs are sexy, you know this right? So if you agree, you should attend the @CycloneDX_Spec meeting tomorrow where you'll learn all about how sexy they are linkedin.com/events/dependen…
Dependency-Track retweeted
Be a driving force in advancing the #OWASP Foundation's mission! Join us as a Corporate Supporter and create a meaningful impact with your support! 🌐🤝 owasp.org/supporters/package… #Cybersecurity #InfoSec #supportnonprofit #nonprofit #benefits #appsec #developers
Join us for our next community meeting on January 31st at 3PM UTC (10:00am U.S. Eastern)! Agenda: - Project / Release Update (~15 min) - How IBM CISO uses Dependency-Track (~10 min) - Q&A (~30 min) Calendar invite: calendar.google.com/calendar… #OWASP #SBOM #CycloneDX #EO14028