Software composition analysis (SCA) tools provide an inventory of all open-source components used in a project, including their versions and licenses, and identify known vulnerabilities in these components, effectively producing a Software Bill of Materials (SBOM) (Alvarenga, 2023a).

Authors

• Person: Not available Organization: Department for Science, Innovation and Technology
  Open source software best practices and supply chain risk ... - GOV.UK

Sources

• Open source software best practices and supply chain risk ... - GOV.UK www.gov.uk Department for Science, Innovation and Technology via serper

Referenced by nodes (3)

• Software Bill of Materials (SBOM) concept
• open-source software components concept
• software composition analysis concept