---
title: "Investigating Dependency Issues"
chapter: false
weight: 70
pre: "<b>4. </b>"
---

## Investigating Dependencies on Application are important?

Open source vulnerabilities have traditionally been the domain of DevOps teams, but with increased risks, security teams need to be part of this awareness so everyone can react faster. It’s also crucial to remember to balance business velocity with immediate risk awareness in open source dependencies.

In this section, we will identify, understand, and fix the vulnerabilities found by Snyk, allowing you to manage and prioritize risk in an efficient and easy manner. With this knowledge, you will be able to implement security at the beginning of your workflow, ensuring your code is safe from the moment it is committed to the repository. 

If you made it here in the workshop, congratulations! You are very close to having a great understanding of how we can monitor and fix open source vulnerabilities. Now that you understand why risk awareness in open source dependencies is crucial, let’s get our hands dirty and explore what Trend Micro Cloud One – Open Source Security by Snyk found in our dependencies inside our GitHub repository.

![Integration](/images/dependency.png)