Difference between revisions of "Software Composition Analysis (SCA)"

From wikieduonline
(Created page with "{{Draft}}")
 
 
(49 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{Draft}}
+
[[wikipedia:Software Composition Analysis]]
 +
 
 +
 
 +
== Options ==
 +
* [[License risk management]]
 +
* [[Policy management]]
 +
* [[Vulnerability identification]]
 +
* [[Vulnerability management]]
 +
* [[SDLC]] integration
 +
* [[Container scanning]]
 +
* [[Serverless scanning]]
 +
 
 +
Reports
 +
* [[Audit report]]
 +
* [[Risk report]]
 +
 
 +
== Products ==
 +
* [[Flexera]]: [[FlexNet Code Insight]]
 +
* [[FOSSA]]: [[Compliance]]*
 +
* [[Fortify Static Code Analyzer]] (SCA)
 +
* [[GitLab Ultimate]]: [[GitLab Security Dashboards]]
 +
* [[GitHub code scanning]] (Sep 2020) <ref>https://github.blog/2020-09-30-code-scanning-is-now-available/</ref>
 +
* [[JFrog Xray]]
 +
* [[Snyk]] (2015, UK)
 +
* [[Sonatype]]
 +
* [[Synopsys]]: [[Black Duck]] and [[Black Duck Binary Analysis]]
 +
* [[Veracode]]: [[Veracode SCA]] (<code>[[srcclr]]</code>) and [[SourceClear]] SCA
 +
* [[WhiteHat Security]]: WhiteHat Sentinel SCA
 +
* [[WhiteSource]] (2011): automatic [[remediation]]
 +
* [[SonarQube]] (2006-2007)
 +
 
 +
== Related terms ==
 +
* [[Application Security Testing (AST)]]: [[SAST]], [[DAST]]
 +
* <code>[[npm audit]]</code>
 +
* <code>[[docker scan]]</code>
 +
* [[Amazon Inspector]]
 +
* [[Static program analysis]]: <code>[[eslint]]</code>
 +
 
 +
== See also ==
 +
* [[CA Technologies]]
 +
* [[Binary repository manager]]
 +
* {{SCA}}
 +
* {{AST}}
 +
 
 +
 
 +
[[Category:Security]]
 +
[[Category:SCA]]
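Review bot: In the Products list, the entry "[[Fortify Static Code Analyzer]] (SCA)" expands SCA as Static Code Analyzer, which is a different meaning from the page title's Software Composition Analysis. Say so on that line, or move the entry to Related terms next to [[SAST]]. Two smaller points: "Reports" is the only section label added without == heading markup, and the asterisk after [[Compliance]] on the FOSSA line points to no footnote.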

Latest revision as of 19:21, 16 May 2022
