SCA

Automated Software Composition Analysis (SCA) includes scanning and evaluating code dependencies (usually open-source) for known vulnerabilities and licensing.

This process applies to composers and dependency managers such as Docker Compose, Maven, NPM, Bazel and pip.


Related Terms

Application Security Posture Management
