TECH BUYER Mar 2020 - IDC TechBrief - Doc # US46133920
IDC TechBrief: Software Composition Analysis of Open Source Software
This IDC TechBrief examines the benefits of using software composition analysis (SCA) to mitigate the risk and complexities of open source software.
Modern software is increasingly composed of external open source components, and bad actors have taken notice and are using applications as their attack surface of choice. This leaves modern applications susceptible to hackers and makes it challenging to ensure appropriate protection from vulnerabilities embedded in third-party open source software components.
"Software composition analysis provides important capabilities that are needed by modern software development teams who use open source components," said Jim Mercer, research director, DevOps at IDC. "As organizations develop open source and security strategies, they need to understand how an SCA solution can play a vital role in avoiding a costly breach in application security and ensure licensing compliance."