Dependency-Track on Ubuntu 24.04 LTS

Azure Security

Dependency-Track, continuous software supply chain component analysis, ready to ingest an SBOM on first boot.

Base
Hardened build
minimal ports, security patches applied at build time
Access
Unique credentials
generated on first boot, readable only by root
Verified
Boots working
services pass a health gate before release
Support
24/7, 365 days
by email and live chat, 24 hour response SLA

Overview

Dependency-Track is the OWASP flagship platform for software supply chain component analysis. It ingests CycloneDX SBOMs, continuously tracks every component against vulnerability intelligence, and reports risk across a portfolio of projects. Security and engineering teams use it to know what is in their software and which parts have become vulnerable.

Why the cloudimg image

cloudimg ships Dependency-Track hardened, fully patched and preconfigured with its database, reverse proxy and web interface already wired together, with data on a dedicated disk. A unique admin credential is generated on first boot and the well known default login is verified dead before the image ships. Paired with a step by step deploy guide and backed by 24/7 support.

Common uses

  • SBOM analysis
  • Software supply chain risk
  • Continuous component monitoring

See it running

Real screenshots taken while testing this image against its deployment guide.

Dependency-Track on Ubuntu 24.04 LTS screenshot 1 Dependency-Track on Ubuntu 24.04 LTS screenshot 2 Dependency-Track on Ubuntu 24.04 LTS screenshot 3 Dependency-Track on Ubuntu 24.04 LTS screenshot 4