The final goal of the FASTEN project is to be able to perform a more sophisticated analysis of security-vulnerability propagation, licensing compliance, and dependency risk profiles by relying on the call-level dependency network of the whole software ecosystem. In this talk, we will present some first results of the project and demonstrates how FASTEN works on top of Java/Maven ecosystem.