Topic: sca

When does SCA replace SAST or DAST?

The short answer is never. There, I just saved you enough time that you can go and do the right thing and run SAST and DAST and work on hardening your code, instead of trying to test security into your application. Look, every time a new technology, process, or technique comes along there are some … continue reading

The future of application security

A crystal ball presentation on the future of application security at the Gartner Security and Risk Management Summit this year caught the eye of us in the software security space. In case you missed it, the top-line predictions were: By 2022, software composition analysis (SCA) will surpass traditional AST tools (SAST, DAST) as the primary … continue reading

5 ways static code analysis can save you

If you’re not doing static code analysis (aka static analysis), now is the time to start. Delivering code faster has dubious value if the quality degrades as development cycles shrink. On the other hand, if you’re not doing static code analysis, you’re not alone. Despite the mature age of the tool category, not a lot … continue reading

CA Technologies acquires SourceClear for its DevSecOps portfolio

CA Technologies announced its acquisition of software composition analysis specialists SourceClear early this week with aims to incorporate SourceClear’s SaaS-based SCA tool and proprietary vulnerability database with their Veracode cloud platform. “We are excited about what this acquisition means for our customers in terms of increased support for SCA in DevSecOps environments and the ability … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!