Software Composition Analysis
Browse 30 cybersecurity tools tagged with "Software Composition Analysis"
DerSecur Software Composition
Risk Assessment
DerSecur Software Composition Analysis (SCA) on SecurityListing: SCA tool for SBOM generation, dependency analysis, and open-source risk management.
Anchore Enterprise
Container Security
Anchore Enterprise on SecurityListing: Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
Flyingduck Software Composition
API Security
Flyingduck Software Composition Analysis on SecurityListing: SCA tool for identifying & resolving vulnerabilities in dependencies
Invicti Software Composition
Vulnerability Assessment
Invicti Software Composition Analysis on SecurityListing: SCA tool with proof-based validation and runtime analysis for open-source risks
BoostSecurity Software Supply
Software Composition Analysis
BoostSecurity Software Supply Chain Protection on SecurityListing: Software supply chain security platform for SDLC infrastructure protection
Ossprey
Threat Intelligence Platforms
Ossprey on SecurityListing: Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
Phylum
Software Composition Analysis
Phylum on SecurityListing: Identifies 137 malicious npm packages and gathers system information to a remote server.
MatosSphere Software Composition
Container Security
MatosSphere Software Composition Analysis on SecurityListing: SCA tool for detecting vulnerabilities & license risks in open-source dependencies
DeepSource SCA
Software Composition Analysis
DeepSource SCA on SecurityListing: SCA platform with reachability analysis, AI-powered fixes, and license compliance
Finite State Platform
Software Composition Analysis
Finite State Platform on SecurityListing: Platform for vulnerability detection in firmware, binaries, and SBOMs
Jsmon 2.0
API Security
Jsmon 2.0 on SecurityListing: JavaScript security scanner for detecting vulnerabilities in third-party scripts
Raven Runtime Prevention
Software Composition Analysis
Raven Runtime Prevention on SecurityListing: Runtime protection preventing supply-chain attacks & exploits via library-level policies
FossID Software Composition
Software Composition Analysis
FossID Software Composition Analysis on SecurityListing: SCA tool for code scanning, license identification, and SBOM generation
Heeler Runtime, Fixability-First
Threat Intelligence Platforms
Heeler Runtime, Fixability-First SCA on SecurityListing: Runtime SCA tool prioritizing fixable & exploitable open-source vulnerabilities
Endor Labs Application
Software Composition Analysis
Endor Labs Application Security on SecurityListing: AI-powered AppSec platform for code, dependencies, and container security
Koi Platform
Risk Assessment
Koi Platform on SecurityListing: Tracks, governs, and secures software installs across endpoints and marketplaces.
pac-resolver
Software Composition Analysis
pac-resolver on SecurityListing: Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
Sabotage: Code added
Software Composition Analysis
Sabotage: Code added to popular NPM package wiped files in Russia and Belarus on SecurityListing: A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
Raven Runtime Application
Container Security
Raven Runtime Application Protection on SecurityListing: Runtime app protection with function-level reachability and exploit prevention
SCANOSS Geo Provenance
Risk Assessment
SCANOSS Geo Provenance Dataset on SecurityListing: Identifies geographic origin and authorship of open source code components
SCANOSS Security Dataset
API Security
SCANOSS Security Dataset on SecurityListing: Vulnerability detection dataset for declared & undeclared dependencies in code
Anchore Secure
Container Security
Anchore Secure on SecurityListing: Container & source code scanning for vulnerabilities, malware, and secrets
Flyingduck Comprehensive SBOM
Software Composition Analysis
Flyingduck Comprehensive SBOM Management on SecurityListing: SBOM management platform for tracking dependencies and vulnerabilities
Raven Runtime SCA
Software Composition Analysis
Raven Runtime SCA on SecurityListing: Runtime SCA tool that identifies exploitable vulnerabilities in cloud environments
Snyk Developer Security
Cloud Security
Snyk is a developer security platform that enables teams to find and automatically fix vulnerabilities in open source dependencies, container images, infrastructure as code, and application code. Unlike traditional security tools that operate as gate-checks, Snyk integrates directly into developer workflows through IDE plugins, CI/CD integrations, and SCM systems, enabling security testing at every stage of development.
The Code Registry
Software Composition Analysis
The Code Registry Application & Supply Chain Security on SecurityListing: AI-driven app & supply chain security platform with SBOM generation & scanning
Wiz Supply Chain
Container Security
Wiz Supply Chain Security on SecurityListing: Cloud-native SCA and SBOM platform for supply chain security across code to runtime
SCANOSS Licence Dataset
API Security
SCANOSS Licence Dataset on SecurityListing: Open source license compliance dataset for detecting code snippets & obligations
SCANOSS Encryption Dataset
Risk Assessment
SCANOSS Encryption Dataset on SecurityListing: Identifies cryptographic algorithms and libraries in code for compliance
MergeBase Software Composition
Software Composition Analysis
MergeBase Software Composition Analysis on SecurityListing: SCA platform for managing open source vulnerabilities across SDLC