diff --git a/handbook/content/52_activity_23.md b/handbook/content/52_activity_23.md index 188fb40cbc82bc01fff7b6e3c48588896a3c6649..d987e021926bdd48b5733c6996a68fdcec688190 100644 --- a/handbook/content/52_activity_23.md +++ b/handbook/content/52_activity_23.md @@ -36,7 +36,7 @@ The following **verification points** demonstrate progress in this activity: * [OWASP Dependency check](https://github.com/jeremylong/DependencyCheck): dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. * [OSS Review Toolkit](https://oss-review-toolkit.org/): a suite of tools to assist with reviewing Open Source Software dependencies. * [Fossa](https://github.com/fossas/fossa-cli): fast, portable and reliable dependency analysis. Supports licence & vulnerability scanning. Language-agnostic; integrates with 20+ build systems. -* [Software 360](https://projects.eclipse.org/projects/technology.sw360). +* [Eclipse SW360](https://projects.eclipse.org/projects/technology.sw360) and their [Github repo](https://github.com/eclipse/sw360). A software catalogue for managing SBOM. * [Eclipse Dash licence tool](https://github.com/eclipse/dash-licences): takes a list of dependencies and requests [ClearlyDefined](https://clearlydefined.io) to check their licences.