Software Composition Analysis
by Rob Shapiro, Steve Hoffenberg, and Chris Rommel, February 2021
Inside this Report
The demand and market for software composition analysis (SCA) tools, used primarily to identify and remediate security
vulnerabilities and license compliance violations in third-party software, will grow significantly in the coming years as software
developers turn to open source and other third-party software components to stay in stride with rapid software application
development. This report analyzes the emerging trends, use cases, and commercial market for SCA tools in the enterprise/
IT and IoT/embedded sectors.
Vendors Listed in this Report
Flexera Software (Revenera),
FOSSA,
IBM,
JFrog,
GrammaTech,
Micro Focus,
Snyk,
Sonatype,
Synopsys (Black Duck),
Timesys,
Veracode,
WhiteHat Security,
WhiteSource