Software Composition Analysis: Check Assembled Product For Known Risks | Synopsys
Dr. Jared DeMott of VDA Labs continues the series on bug elimination with a discussion of software composition analysis (SCA) and its importance in the cybersecurity supply chain. Whether it is Source code, binary executable, or archive, SCA can discover strings, algorithm patterns, artifacts, and code snippets that may contain software weaknesses or vulnerabilities, and produce a software bill of materials that identifies the components and their relative security.
