Test components via SCA
Vulnerability signature update
Vulnerability signature management applies to software composition analysis (SCA) tests. The external sources from which Fluid Attacks updates these signatures are updated daily from Monday to Friday. They are the following: Alpine: ...
Find reachable dependency vulnerabilities
Fluid Attacks' static code scans detect third-party dependencies used in your software and verify whether it is actually using the dependencies' vulnerable functions. Ensuring that detected dependency vulnerabilities are actually reachable by threat ...
What is SCA?
Software composition analysis (SCA) is a security technique that automatically identifies third-party dependencies or libraries used by an application and evaluates their security. Therefore, the importance of SCA scans is mainly the following: ...