OWASP dependency check on GitLab.com
Vulnerable and Outdated Components is one of the OWASP Top 10 security risks for applications. To mitigate this risk, the commonly used OWASP dependency-check tool scans software to identify the use of known vulnerable components.
In this blog post we will outline a way to run the OWASP dependency-check for Maven projects on GitLab.com.