Difference between revisions of "Software Composition Analysis (SCA)"

From wikieduonline

Jump to navigation Jump to search

Latest revision as of 19:21, 16 May 2022

wikipedia:Software Composition Analysis

Contents

1 Options
2 Products
3 Related terms
4 See also

Options[edit]

Reports

Products[edit]

Flexera: FlexNet Code Insight
FOSSA: Compliance*
Fortify Static Code Analyzer (SCA)
GitLab Ultimate: GitLab Security Dashboards
GitHub code scanning (Sep 2020) ^[1]
JFrog Xray
Snyk (2015, UK)
Sonatype
Synopsys: Black Duck and Black Duck Binary Analysis
Veracode: Veracode SCA (srcclr) and SourceClear SCA
WhiteHat Security: WhiteHat Sentinel SCA
WhiteSource (2011): automatic remediation
SonarQube (2006-2007)

Related terms[edit]

Application Security Testing (AST): SAST, DAST
npm audit
docker scan
Amazon Inspector
Static program analysis: eslint

See also[edit]

CA Technologies
Binary repository manager
Software Composition Analysis (SCA): Flexera, FOSSA, GitLab Ultimate, JFrog Xray, Snyk, Sonatype, Synopsys: Black Duck, Veracode, WhiteHat Security, WhiteSource, Bill of Materials (BOM), Semgrep, Clair
Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx

↑ https://github.blog/2020-09-30-code-scanning-is-now-available/

Retrieved from "https://www.wikieduonline.com/index.php?title=Software_Composition_Analysis_(SCA)&oldid=136655"

Advertising: