Software Composition Analysis (SCA) provides visibility into the open-source components and libraries being incorporated into the software that development teams create. SCA can help manage security and license-related risks. This course provides learners with a fundamental understanding of how to use Software Composition Analysis (SCA) tools to securely integrate open-source software into new code.
Upon successful completion of this course, learners should have the knowledge and skills to:
- Discuss the security risks associated with software vulnerabilities and license compliance
- Understand the SCA Architecture and how the technologies help to make dependency checks possible
- Use the Software Bill of Materials (SBOM) and Vulnerability Databases to fully perform software analysis
- Understand Development Workflow Integration and SCA Limitations
- Use SCA for Containerized Applications and Infrastructure as Code (IaC)