Dependency Vulnerability Management (OWASP A09) Identify and remediate known vulnerabilities in third-party dependencies. When to Use - Running security audits on projects - Updating dependencies - Reviewing Dependabot/Snyk alerts - Setting up CI/CD security checks - Evaluating new packages - Responding to CVE announcements Vulnerability Sources | Source | Coverage | Updates | |--------|----------|---------| | NPM Advisory Database | JavaScript | Real-time | | GitHub Advisory Database | Multi-language | Real-time | | NVD (NIST) | All | Daily | | Snyk Vulnerability DB | Multi-language | Real-t…