Wave Report

The Forrester Wave™: Software Composition Analysis, Q3 2021

The 10 Providers That Matter Most And How They Stack Up

August 18th, 2021
With contributors:
Amy DeMartine , Caroline Provost , Peggy Dostie


In our 37-criterion evaluation of software composition analysis (SCA) providers, we identified the 10 most significant ones — Checkmarx, FOSSA, GitLab, JFrog, Revenera, Snyk, Sonatype, Synopsys, Veracode, and WhiteSource — and researched, analyzed, and scored them. This report shows how each provider measures up and helps security professionals select the right one for their needs.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($2995).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.