Software Composition Analysis (SCA)
This article is a Draft. Help us to complete it.
wikipedia:Software Composition Analysis
Contents
Options
- License risk management
- Policy management
- Vulnerability identification
- Vulnerability management
- SDLC integration
- Container scanning
- Serverless scanning
Reports
Products
- Flexera: FlexNet Code Insight
- FOSSA: Compliance*
- Fortify Static Code Analyzer (SCA)
- GitLab Ultimate: GitLab Security Dashboards
- JFrog Xray
- Snyk (2015, UK)
- Sonatype
- Synopsys: Black Duck and Black Duck Binary Analysis
- Veracode: Veracode SCA and SourceClear SCA
- WhiteHat Security: WhiteHat Sentinel SCA
- WhiteSource (2011): automatic remediation
Related terms
See also
- CA Technologies
- Forrester, Gartner
- Binary repository manager
- Software Composition Analysis (SCA): Flexera, FOSSA, GitLab Ultimate, JFrog Xray, Snyk, Sonatype, Synopsys: Black Duck, Veracode, WhiteHat Security, WhiteSource, Bill of Materials (BOM), Semgrep, Clair
- Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution
Advertising: