DerScanner Launches Software Composition Analysis 2.0 with Unified Threat Prevention Workflow
DerScanner, an application security testing platform, announces the release of Software Composition Analysis (SCA) 2.0.
Key Features of DerScanner’s SCA 2.0 Module:
- Integrated SBOM Generator: Simplifies the process of creating detailed SBOMs by eliminating the need for external tools, allowing users to effortlessly generate SBOMs directly within DerScanner.
- Dependency Tree Graph: Visualizes project dependencies, making it easier to identify and address security vulnerabilities in both direct and transitive dependencies.
- Hybrid SAST + SCA Analysis: Combines the strengths of SCA and Static Application Security Testing (SAST) to deliver precise vulnerability assessments, including detailed call tracing and execution tracking of vulnerable functions.
- Confi AI for SCA: Advanced AI-driven algorithms minimize false positives, ensuring that security teams focus on the most critical vulnerabilities, saving time and improving remediation efforts.
- Enhanced PURL Mapping: Increases accuracy in vulnerability identification by utilizing Package URL (PURL), a more precise mapping method tailored specifically for packages, improving reliability compared to traditional CPE mapping.
- MavenGate Attack Prevention: Proactively monitors expired domains linked to Maven packages, mitigating the risk of domain hijacking in JVM-based projects.
With these enhancements, DerScanner’s SCA 2.0 module addresses the growing challenges of managing open source security, enabling organizations to confidently secure their software supply chains.
In addition to the SCA 2.0 module, the latest release of DerScanner also includes enhancements in Static Application Security Testing (SAST), integrations with DefectDojo for improved SDLC management, and support for new programming languages such as YAML, TOML, Bash, PowerShell, and XML.
About DerSecur
Since its inception in 2011, DerSecur has been at the forefront of application security. Its flagship product, DerScanner, represents the pinnacle of security technology, capable of analyzing both source and binary code. DerSecur's team of 70 experts continues to push the boundaries in application security research and development.
Andy Dankevich
DerSecur Ltd
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.