Tracking vulnerabilities in your Universal Package Manager
Integrating vulnerability scanning with your Universal Package Manager allows you to identify known security and compliance risks.
Because your Universal Package Manager is such a vital link in your DevOps Toolchain, it's important to ensure the packages you are using don't have any known vulnerabilities associated with them.
To help our users learn more about the importance of vulnerability scanning, we're hosting a webinar with Vör Security founder and CEO Ken Duck. Ken will cover just how common vulnerabilities are, how to use Vör Security and ProGet together to ensure your components are free of known vulnerabilities, and how to assess them quickly when they are found.
Join us on February 28th at 1PM EST. Seats are limited, so sign up now.
As npm and NuGet didn't exist before 2010, using public libraries as the building blocks of custom software has become common practice in quite a short period of time. This shouldn't surprise anyone, since the productivity gains of using public libraries are very attractive. However, with the good often comes the bad.
Using public libraries while building custom software has always had a major downside. The possibility of introducing unknown vulnerable components into the end product rises as more public packages are used.
That's why Inedo is ecstatic to be partnering with Vör Security. The partnership between Inedo and Vör Security allows ProGet users to integrate vulnerability scanning as part of their package management, ensuring that compromised components aren't used in software development.