Difference between revisions of "Software Composition Analysis (SCA)"
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
Line 20: | Line 20: | ||
* [[GitLab Ultimate]]: [[GitLab Security Dashboards]] | * [[GitLab Ultimate]]: [[GitLab Security Dashboards]] | ||
* [[JFrog Xray]] | * [[JFrog Xray]] | ||
− | * [[Snyk]] (2015) | + | * [[Snyk]] (2015, UK) |
* [[Sonatype]] | * [[Sonatype]] | ||
* [[Synopsys]]: [[Black Duck]] and [[Black Duck Binary Analysis]] | * [[Synopsys]]: [[Black Duck]] and [[Black Duck Binary Analysis]] |
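Review bot: On the changed Snyk line, the new parenthetical "(2015, UK)" puts a year and a country side by side with no label saying what either value means, and none of the unchanged entries in this hunk (GitLab Ultimate, JFrog Xray, Sonatype, Synopsys) carries a year or a country. Suggest either labelling the values in the entry, if they are meant as founding year and country of origin, or moving these details to the linked [[Snyk]] article so the product list stays uniform.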
Revision as of 08:33, 21 February 2020
This article is a Draft. Help us to complete it.
Options
- License risk management
- Policy management
- Vulnerability identification
- Vulnerability management
- SDLC integration
- Container scanning
- Serverless scanning
Reports
Products
- Flexera: FlexNet Code Insight
- FOSSA: Compliance
- GitLab Ultimate: GitLab Security Dashboards
- JFrog Xray
- Snyk (2015, UK)
- Sonatype
- Synopsys: Black Duck and Black Duck Binary Analysis
- Veracode: Veracode SCA and SourceClear SCA
- WhiteHat Security: WhiteHat Sentinel SCA
- WhiteSource (2011): automatic remediation
Related terms
See also
- CA Technologies
- Forrester, Gartner
- Binary repository manager
- Software Composition Analysis (SCA): Flexera, FOSSA, GitLab Ultimate, JFrog Xray, Snyk, Sonatype, Synopsys: Black Duck, Veracode, WhiteHat Security, WhiteSource, Bill of Materials (BOM), Semgrep, Clair
- Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution