1/11/2021 Gartner Reprint https:/ for Distribution

Market Guide for Software Composition Analysis

Published 18 August 2020 - ID G00721255 - 23 min read

By Analysts Dale Gardner

Multiple risk factors and explosive growth in open-source software usage make software composition analysis an essential tool for application security. Security and risk management leaders should use this Market Guide to understand the evolving competitive landscape, and how the market will develop.

Overview

Key Findings

Open-source software is used in nearly all organizations. This introduces risks from readily exploitable vulnerabilities; an expanded attack surface through which malware and malicious code can gain access, compromising proprietary code and infrastructure; and legal and intellectual property exposures. Without software composition analysis, the benefits of OSS in application development can easily be overwhelmed by the risks.

The viability and security of open-source packages are cited as top concerns by most of the respondents to a Gartner survey. These concerns have led to a growing market, addressed by various types of vendors, for SCA tools that identify and provide guidance on the remediation or mitigation of risks associated with the use of OSS.

Interest in SCA tools is growing rapidly. Although only about 40% of organizations are estimated to use SCA tools, end-user inquiries on the topic to Gartner analysts increased nearly 40% from 2019 to 2020.

Recommendations

To manage and mitigate the risk of OSS, security and risk management leaders responsible for the security of applications and data must: