Trends Report

Vendor Landscape: Software Composition Analysis

Security, Legal, And App Dev Pros Find Common Value In Dependency Management

October 21st, 2016
With contributors:
Christopher McClean, Jeffrey Hammond, Trevor Lyness, Peggy Dostie

Summary

Software composition analysis (SCA) tools provide valuable data to security pros, legal pros, and app developers by identifying software vulnerabilities and exposing licenses for open source components. SCA tools come from a cross section of open source scanning vendors and traditional security assessment offerings, but functionality is standardizing. Security pros need to understand the landscape to choose the functionality that best fits their organization's risk management needs. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.


This report is available for individual purchase ($1495).
