Use Open Source Code Securely with Software Composition Analysis

The Ultimate Guide to SCA, from Checkmarx

Published March 2021


To detect potentially exploitable security vulnerabilities, organizations that create software tend to use solutions such as static, dynamic, and interactive application security testing (AST), to scan their custom and compiled code.

While such solutions are effective at what they are designed for (scanning proprietary code), they are simply not designed to examine the open source code that finds its way into your custom software.

You need something else. Software composition analysis.

Please register, or log in to your account, to download this content.

Biting the hand that feeds IT © 1998–2021