Checkmarx University SCA – Software Composition Analysis SCA - Software Composition AnalysisSCA Duration: 2h 32m + Certification: No Start Training This training module provides an in-depth understanding of Checkmarx Software Composition Analysis (CxSCA), enabling users to effectively identify, analyze, and remediate vulnerabilities in open-source components. Through practical guidance and best practices, this training ensures participants can leverage CxSCA to manage software supply chain risks effectively. Course Outline Create & ScanLearn how to set up and execute scans on your projects, enabling the detection of vulnerabilities in open-source components. Results & TriageUnderstand how to interpret scan results, prioritize vulnerabilities, and streamline the triage process for efficient issue management. Risk RemediationExplore strategies and tools to remediate identified risks, focusing on minimizing security gaps while maintaining project stability. KnowledgeGain insights into the CxSCA knowledge base, including understanding vulnerability details, affected versions, and security advisories. SettingsConfigure CxSCA to meet your organization’s specific needs, including policies, alerts, and integrations. SCA ResolverDive into the CxSCA Resolver, a tool designed to ensure accurate dependency resolution and vulnerability identification. Best PracticesLearn industry-recognized best practices to maximize the effectiveness of CxSCA, reduce false positives, and align with secure development standards. Who Should Attend? Developers responsible for open-source component security. Security engineers managing software supply chain risks. DevOps professionals integrating security into CI/CD pipelines. This training provides actionable insights and hands-on skills to help teams secure their applications against open-source vulnerabilities and ensure compliance with security standards.
