Software Composition Analysis (SCA) Tool in the Code Repository (Repo)
Integrating SCA Tools in Code Repositories for Continuous Security
Explore Smarter Security with Contrast SCATable of Contents
What is SCA in the Repo
What is repository level SCA? When a Software Composition Analysis (SCA) tool scans a repository, it is looking for known vulnerabilities in the software components that are included in the repository. If the SCA tool finds a vulnerability, it will report the vulnerability to the organization that owns the repository. The organization can then take steps to fix the vulnerability or to mitigate the risk posed by the vulnerability.
Contrast is the clear customers’ choice
Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.
Built for Developers. Trusted by Security.
Learn Secure Code
CROSS SITE SCRIPTING (XSS)
Learn about Cross site scripting (XSS) and how it affects your Java source code
SQL INJECTION
Learn about SWL injection and how it affects your Java source code
CLIENT SIDE INJECTION
Learn about client-side injection and how it can affect your source code