Cybersecurity Tech Brief By HackerNoon

Developers Need Smarter SCA Tools to Fight Software Supply Chain Attacks



This story was originally published on HackerNoon at: https://hackernoon.com/developers-need-smarter-sca-tools-to-fight-software-supply-chain-attacks.


Software composition analysis (SCA) tools render too many false positives, and aren't smart enough to find modified dependencies. New methods show promise...
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity.
You can also check exclusive content about #cybersecurity, #appsec, #sast, #third-party-code, #oss, #software-supply-chain-attacks, #sbom, #security, and more.


This story was written by: @andrejc. Learn more about this writer by checking @andrejc's about page,
and for more stories, please visit hackernoon.com.


Software composition analysis (SCA) tools produce too many false positives. SCA based on code matching will only find components integrated into a software stack without modification. Pattern recognition and intelligent analysis are needed for components that have been modified in irregular ways. The Apona platform claims to use intelligent pattern recognition and deep scanning at the file, component, and function levels, detecting OSS with near 100% accuracy.
