Prompt To begin, open the code base in Eclipse. Refer to the Uploading Files to Eclipse Desktop Version Tutorial for testing the code base in Eclipse. Then integrate the Maven Dependency Check plug-in...

Prompt

To begin, open the code base in Eclipse. Refer to the
Uploading Files to Eclipse Desktop Version Tutorial
for testing the code base in Eclipse. Then integrate the Maven Dependency Check plug-in for the
code base.

Please note:
“Integrating the Static Testing Tool” was a non graded task that you should have completed in the previous module, so you may have already completed these steps.

Follow the instructions in the
Integrating the Maven Dependency Check Plug-in Tutorialto learn how to integrate and run the dependency check plug-in into Maven for conducting static testing. Use the instructions in the tutorial to identify the software security vulnerabilities. Specifically, address the following in a
Static Testing Summary:

• 
  Run the dependency check
  on the code base. Include a screenshot of the HTML report in your Static Testing Summary. Be sure the screenshot includes the scan information at the top of the dependency check report.


• In addition to showing that the dependency check ran effectively,
  document the results
  from the dependency check. Be sure to identify the codes and descriptions of the dependencies found by including these details for each dependency in your Static Testing Summary.


• 
  Interpret the results
  to identify widely accepted solutions for addressing dependencies in the code base. Summarize your findings in your Static Testing Summary. You can refer to industry standard guidelines such as the
  Common Vulnerabilities and Exposures
  (CVE) and the
  National Vulnerability Database
  (NVD). Consider why false positives should be filtered from the dependency check tool and discuss in your Static Testing Summary.