DerScanner, an application security testing platform, announces Software Composition Analysis (SCA) 2.0 release
DerScanner, an application security testing platform, is excited to announce the release of its latest version, which introduces a groundbreaking upgrade to its Software Composition Analysis (SCA) capabilities. The new SCA 2.0 is set to revolutionize how organizations approach open source security by offering a seamless workflow that integrates Software Bill of Materials (SBOM) generation, enhanced vulnerability identification, and effective threat remediation.
Key Features of DerScanner’s SCA 2.0 Module:
– Integrated SBOM Generator: Simplifies the process of creating detailed SBOMs by eliminating the need for external tools, allowing users to effortlessly generate SBOMs directly within DerScanner.
– Dependency Tree Graph: Visualizes project dependencies, making it easier to identify and address security vulnerabilities in both direct and transitive dependencies.
– Hybrid SAST + SCA Analysis: Combines the strengths of SCA and Static Application Security Testing (SAST) to deliver precise vulnerability assessments, including detailed call tracing and execution tracking of vulnerable functions.
– Confi AI for SCA: Advanced AI-driven algorithms minimize false positives, ensuring that security teams focus on the most critical vulnerabilities, saving time and improving remediation efforts.
– Enhanced PURL Mapping: Increases accuracy in vulnerability identification by utilizing Package URL (PURL), a more precise mapping method tailored specifically for packages, improving reliability compared to traditional CPE mapping.
– MavenGate Attack Prevention: Proactively monitors expired domains linked to Maven packages, mitigating the risk of domain hijacking in JVM-based projects.
With these enhancements, DerScanner’s SCA 2.0 module addresses the growing challenges of managing open source security, enabling organizations to confidently secure their software supply chains.
In addition to the SCA 2.0 module, the latest release of DerScanner also includes enhancements in Static Application Security Testing (SAST), integrations with DefectDojo for improved SDLC management, and support for new programming languages such as YAML, TOML, Bash, PowerShell, and XML.