Skip Navigation

The impact of security testing on an organization

By Eddie Knight on April 24, 2023 DAST

12 minute read time

Choosing the right security testing tools is hard, but this guide through IAST, DAST, SAST, and SCA will make it easier for your organization.
Read More...

Why high-quality data is critical for effective software composition analysis (SCA)

4 minute read time

A secure software supply chain requires higher quality data.
Read More...

UPDATE: 21 SaltStack Breaches with 2,900 Still Vulnerable

By Derek Weeks on May 31, 2020 vulnerabilities

6 minute read time

When a vulnerability is announced in an open source project, ask immediately: have we ever used that open source component, and (if yes) where is it?
Read More...

Tanya Janca is "Big Fan of SCA" [VIDEO]

By Zack Conord on May 15, 2020 devsecops

3 minute read time

Zack Conord interviews Tanya Janca of SheHacksPurple about her new business and why she's eager to teach software composition analysis.
Read More...

Real Talk: What Users Really Look For in a Software Composition Analysis (SCA) Solution

By Alyssa Shames on May 12, 2020 AppSec

4 minute read time

Real users explain what you should demand from your SCA tools, including visibility through an SBOM, continuous monitoring, and the ability to scan apps.
Read More...

Your Guide to AppSec Tools: SAST or SCA?

By Alyssa Shames on April 16, 2020 AppSec

4 minute read time

Software composition analysis speeds time to innovation by automating manual open source governance processes that are prone to errors.
Read More...

Why Software Composition Analysis (SCA) Demands Precision

3 minute read time

Software Composition Analysis: Getting to the Signal Through the Noise, by 451 Research, demonstrates Sonatype's leadership in software composition analysis.
Read More...

Software Composition Analysis: Precision Definitely Matters (Just Ask Our Competitors)

3 minute read time

Just two years ago, SCA was more about helping traditional security professionals identify suspects across a broad spectrum of open source ecosystems.
Read More...