Tag
sca-vulnerabilities
Safeguard articles tagged "sca-vulnerabilities" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Supply Chain
SCA Scanning: What It Catches in Practice
SCA scanning finds known CVEs in your open-source dependencies and license conflicts you didn't know you'd agreed to — here's exactly what a scan catches, in order of how often it actually matters.
Sep 30, 20255 min read
Supply Chain
SCA Security: What Software Composition Analysis Actually Catches
SCA security scans the open source dependencies that make up most of your codebase, finding known CVEs, risky licenses, and malicious packages. Here is what it catches — and what it does not.
May 27, 20257 min read