Dependency and supply chain analysis
SBOM
A “software bill of materials” (SBOM) is a nested inventory: a machine-readable list of the components that make up a piece of software, including the transitive dependencies those components pull in, so that each one can be identified (name, version, supplier) and checked against known vulnerabilities.
See Sbom
Vulnerabilities
- NIST list of source code security analyzers: https://www.nist.gov/itl/ssd/software-quality-group/source-code-security-analyzers
- JFrog Xray (software composition analysis for artifacts stored in Artifactory): https://jfrog.com/xray/
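The two sections above, SBOM and Vulnerabilities, meet in practice when the inventory is walked and each component is matched against advisories. The following is an added example (not code from this page or from any of the tools linked above): it loads a constructed CycloneDX JSON SBOM, follows its `dependencies` graph to recover the nesting (the path from the application down to each transitive component), flags refs that the graph mentions but the component list omits, and matches each component's PURL against a constructed, OSV-style advisory list. Package names and advisory identifiers are placeholders, not real packages or real vulnerabilities.

```python
"""Walk a CycloneDX SBOM's dependency graph and match components against a
small advisory list. Added example: the SBOM and advisories below are
constructed for illustration; the package names and EXAMPLE-* IDs are
placeholders, not real packages or real advisories."""
import json
from collections import deque

# Constructed CycloneDX 1.5 document: an application with one direct dependency
# that pulls in two transitive ones, plus a ref (idna) that is listed in the
# graph but missing from "components", to exercise the consistency check.
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "metadata": {"component": {"bom-ref": "app", "type": "application",
                             "name": "example-app", "version": "1.0.0"}},
  "components": [
    {"bom-ref": "pkg:pypi/webclient@2.1.0", "type": "library", "name": "webclient",
     "version": "2.1.0", "purl": "pkg:pypi/webclient@2.1.0"},
    {"bom-ref": "pkg:pypi/httpcore@1.4.2", "type": "library", "name": "httpcore",
     "version": "1.4.2", "purl": "pkg:pypi/httpcore@1.4.2"},
    {"bom-ref": "pkg:pypi/cabundle@2021.5", "type": "library", "name": "cabundle",
     "version": "2021.5", "purl": "pkg:pypi/cabundle@2021.5"}
  ],
  "dependencies": [
    {"ref": "app", "dependsOn": ["pkg:pypi/webclient@2.1.0"]},
    {"ref": "pkg:pypi/webclient@2.1.0",
     "dependsOn": ["pkg:pypi/httpcore@1.4.2", "pkg:pypi/cabundle@2021.5", "pkg:pypi/idna@3.1"]},
    {"ref": "pkg:pypi/httpcore@1.4.2", "dependsOn": []},
    {"ref": "pkg:pypi/cabundle@2021.5", "dependsOn": []}
  ]
}"""

# Constructed advisories in an OSV-like shape: package is affected for
# versions in [introduced, fixed). fixed=None means no fix is known.
ADVISORIES = [
    {"id": "EXAMPLE-2024-0001", "ecosystem": "pypi", "package": "httpcore",
     "introduced": "1.0.0", "fixed": "1.4.3"},
    {"id": "EXAMPLE-2024-0002", "ecosystem": "pypi", "package": "webclient",
     "introduced": "2.2.0", "fixed": "2.3.0"},  # our 2.1.0 is below this range
]


def load_sbom(text):
    """Parse the SBOM JSON and refuse anything that is not CycloneDX."""
    sbom = json.loads(text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return sbom


def parse_purl(purl):
    """Split pkg:type/[namespace/]name@version into (type, name, version).
    Qualifiers (?...) and subpaths (#...) are dropped; namespace stays in name."""
    body = purl[len("pkg:"):] if purl.startswith("pkg:") else purl
    body = body.split("?", 1)[0].split("#", 1)[0]
    ptype, _, rest = body.partition("/")
    if "@" in rest:
        name, version = rest.rsplit("@", 1)
    else:
        name, version = rest, ""
    return ptype, name, version


def parse_version(v):
    """Numeric-prefix comparison key: '1.26.4' -> (1, 26, 4). Pre-release
    suffixes are ignored here; a production checker should use the
    ecosystem's own version rules (e.g. packaging.version for PyPI)."""
    key = []
    for part in v.split("."):
        digits = ""
        for ch in part:
            if not ch.isdigit():
                break
            digits += ch
        key.append(int(digits) if digits else 0)
    return tuple(key)


def version_in_range(version, introduced, fixed):
    """True if introduced <= version < fixed, padding keys so 1.4 == 1.4.0."""
    v, lo = parse_version(version), parse_version(introduced)
    hi = parse_version(fixed) if fixed else None
    n = max(len(v), len(lo), len(hi) if hi else 0)
    pad = lambda t: t + (0,) * (n - len(t))
    v, lo = pad(v), pad(lo)
    if v < lo:
        return False
    return hi is None or v < pad(hi)


def dependency_paths(sbom, root_ref):
    """BFS over the dependencies graph from root_ref. Returns {ref: path},
    where path is the chain of bom-refs from the root: the nesting the SBOM
    encodes. The visited map (paths) also terminates on cyclic graphs."""
    edges = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}
    paths, queue = {root_ref: [root_ref]}, deque([root_ref])
    while queue:
        cur = queue.popleft()
        for child in edges.get(cur, []):
            if child not in paths:
                paths[child] = paths[cur] + [child]
                queue.append(child)
    return paths


def unresolved_refs(sbom):
    """Refs named in the graph with no matching component entry: a sign the
    inventory is incomplete and cannot be trusted as a full ingredient list."""
    known = {c["bom-ref"] for c in sbom.get("components", [])}
    known.add(sbom["metadata"]["component"]["bom-ref"])
    mentioned = set()
    for d in sbom.get("dependencies", []):
        mentioned.add(d["ref"])
        mentioned.update(d.get("dependsOn", []))
    return sorted(mentioned - known)


def find_vulnerable(sbom, advisories):
    """Match every component's PURL against the advisory list; each finding
    carries the dependency path so the owner of the direct dependency is clear."""
    root = sbom["metadata"]["component"]["bom-ref"]
    paths = dependency_paths(sbom, root)
    findings = []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            continue  # nothing to match on; a real tool would warn here
        eco, name, version = parse_purl(purl)
        for adv in advisories:
            if (adv["ecosystem"] == eco and adv["package"] == name
                    and version_in_range(version, adv["introduced"], adv["fixed"])):
                path = paths.get(comp["bom-ref"], [comp["bom-ref"]])
                findings.append({"id": adv["id"], "purl": purl, "path": " -> ".join(path)})
    return findings


if __name__ == "__main__":
    sbom = load_sbom(SBOM_JSON)
    for ref in unresolved_refs(sbom):
        print("WARNING: graph references unlisted component", ref)
    for f in find_vulnerable(sbom, ADVISORIES):
        print(f["id"], f["purl"], "via", f["path"])
```

The path in each finding is what makes the nested inventory useful: a vulnerable transitive package can only be fixed by upgrading or replacing the direct dependency that pulled it in, so the report names that chain. The unresolved-ref check matters because an SBOM that mentions components it does not describe will silently produce no findings for them; treat such gaps as a failed inventory rather than a clean scan.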