What is Software Composition Analysis (SCA): A Guide
This comprehensive guide will explain how Software Composition Analysis (SCA) works, security issues to consider, and what to look for in an SCA provider.
Vulnerability Exploitability eXchange (VEX): A Guide
VEX is a machine-readable artifact that contains product and vulnerability details. It can also be considered a form of security advisory that provides context on whether a component present in a product or products is affected by one or many vulnerabilities. It can easily integrate with existing tools and can be shared for use.
Vulnerability Patching: A Guide
Vulnerability patching is the short-term implementation of patches, which are pieces of code added to existing software to improve functionality or to remove vulnerabilities that have been...
Attack Surface Management: A Guide
Attack Surface Management (ASM) is the ongoing discovery, inventory, classification, prioritization, and security monitoring of an organization’s IT infrastructure. The attack surface is all of the entry...
What is an SBOM (Software Bill Of Materials): A Guide
Just like you’d find all the ingredients on a package of food, a Software Bill of Materials is a list of all the components contained in a software product. Vendors typically create these bills to describe...