https://www.infoq.com InfoQ Software Composition Analysis Articles feed https://www.infoq.com/articles/dealing-with-java-cves/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Software+Composition+Analysis-articles <img src="https://res.infoq.com/articles/dealing-with-java-cves/en/headerimage/dealing-with-Java-CVEs-discovery-detection-analysis-and-resolution-header-1694161273156.jpg"/><p>This article delves into the importance of integrating Software Composition Analysis (SCA) in CI/CD pipelines for security. It highlights the need for human oversight to accurately assess vulnerability impact and cautions against "alert fatigue." The article also recommends specialized tools for effective vulnerability management.</p> <i>By Lukas Krecan</i> CVE Java Common Vulnerabilities and Exposures Software Composition Analysis Security Vulnerabilities Application Security Development DevOps Architecture & Design article Mon, 11 Sep 2023 11:00:00 GMT https://www.infoq.com/articles/dealing-with-java-cves/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Software+Composition+Analysis-articles Lukas Krecan 2023-09-11T11:00:00Z /articles/dealing-with-java-cves/en