From the course: Static Application Security Testing

A6: Vulnerable and outdated components

- [Instructor] The sixth set of risks in the OWASP Top 10 list are flaws related to vulnerable and outdated components. This category of flaws is very closely related to security misconfigurations but with a twist. While security misconfigurations focus on applying the right security settings in your app and your app infrastructure, no amount of configuration changes to a specific component will protect your app if that component has a known vulnerability. Another differentiator is that security configurations map to business risk appetite. You might choose to apply a weaker security configuration for the sake of user convenience, or because you're already using another technology that won't work if you apply that tighter security configuration. Fixing a vulnerable component could require much more effort and come at a higher cost. Applications can easily grow to become complex ecosystems of custom code intermingled with…
