Difference between revisions of "Software Composition Analysis (SCA)"

This article is a Draft. Help us to complete it.

• Flexera: FlexNet Code Insight
• FOSSA: Compliance
• GitLab
• JFrog Xray
• Snyk
• Sonatype
• Synopsys: Black Duck and Black Duck Binary Analysis
• Veracode: Veracode SCA and SourceClear SCA
• WhiteHat Security: WhiteHat Sentinel SCA
• WhiteSource (2016): automatic remediation

Related terms

• Application Security Testing
• npm audit

See also

• CA Technologies
• Forrester, Gartner
• Binary repository manager
• Software Composition Analysis (SCA): Flexera, FOSSA, GitLab Ultimate, JFrog Xray, Snyk, Sonatype, Synopsys: Black Duck, Veracode, WhiteHat Security, WhiteSource, Bill of Materials (BOM), Semgrep, Clair
• Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution