software composition analysis , SCA (Abkürzung)

Software Composition Analysis reduces risk from third-party and open source components.

In October 2014, Veracode announced the addition of a software composition analysis capability to its product portfolio.

Gartner Group refers to the category as Software Composition Analysis.

Veracode provides multiple security analysis technologies on a single platform, including static analysis, dynamic analysis, mobile application behavioral analysis and software composition analysis.

Using proprietary technology, it performed a software composition analysis (SCA) on supplied firmware or application, and identified vulnerable third-party code that was used to build the binary.