Topic: software composition analysis

CodeSentry launched to find security blind spots in third-party code

GrammaTech has announced a new software composition analysis (SCA) product, CodeSentry, that is designed to detect vulnerabilities in application components including binaries, and create a detailed software bill of materials. According to the company, it identifies blind spots and allows security professionals to measure and manage risk quickly throughout the SDLC. With the bill of … continue reading

When does SCA replace SAST or DAST?

The short answer is never. There, I just saved you enough time that you can go and do the right thing and run SAST and DAST and work on hardening your code, instead of trying to test security into your application. Look, every time a new technology, process, or technique comes along there are some … continue reading

SD Times news digest: WhiteSource’s software composition analysis, MapR’s AI training program, and MariaDB TX 3.0

WhiteSource has announced the launch of its software composition analysis tool, Effective Usage Analysis. The solution provides details on how software components are being used and highlights their impact on the application’s security. According to WhiteSource, the tool will reduce open-source vulnerability alerts by 70 percent. “Our Effective Usage Analysis technology allows security and … continue reading

Synopsys to acquire Black Duck Software

Synopsys and Black Duck Software have signed an agreement that will allow Synopsys to acquire Black Duck for approximately $565 million. Black Duck is known for its open source security and license management solutions. The acquisition is expected to close in December of this year. The transaction will be subject to Hart Scott Rodino regulatory … continue reading
