

451 Report: Securing open source: Software composition analysis comes into its own

Apr 26, 2019

In part 1 of this report, we took a look at the factors driving the recent upsurge of attention given to open source security.

Now, in part 2, we look specifically at software composition analysis (SCA), a technology segment that has arisen to manage some of open source's most serious risks.

Read this report to explore the key values of managing security vulnerabilities, license complications and administrative complexities that are driving the adoption of SCA. We'll also take a look at sample vendors, and what we expect in SCA going forward.

This report examines how SCA revolves around three fundamental realms of capability:
• Identifying and resolving security vulnerabilities in the open source components on which software is increasingly built
• Addressing the impact of open source licenses on software projects
• Managing the range and complexity of SCA involvement across the software spectrum


WhiteHat Security