Component libraries are critical for secure software development. They’re included in the frameworks used to run your end systems and web applications, but sometimes the components contain flaws. In this course, instructor Malcolm Shore gives an overview of the basic concepts of software composition analysis, showing you common tools to perform an effective analysis.
Discover the importance of knowing how to extract a software bill of materials, especially when you want to pinpoint vulnerabilities to protect your software from potential attacks. Get tips on identifying components that might lead to a security breach, as you explore which software composition analysis tools to use for each attack. Malcolm gives you pointers on using the CycloneDX SBOM exchange,
SCANOSS, the ShiftLeft SCA tool, and the OWASP dependency checker. By the end of this course, you’ll be equipped with the skills to understand software component analysis and keep your software running safely and securely.
