Home › Software Testing › Software Testing › advanced_security_performance › Software Composition Analysis (SCA) focuses on
Software Composition Analysis (SCA) focuses on
AUser interface conformance to design
BVulnerabilities in third party dependencies
CStyle violations in your own source code
DPerformance under sustained heavy load
Answer & Solution
Correct answer: B. Vulnerabilities in third party dependencies
SCA inventories open-source and third-party libraries and checks them against CVE databases (NVD, GitHub Advisory). Tools: Snyk, Dependabot, OWASP Dependency-Check. Critical given that most apps use many transitive dependencies.
Related questions
Test coverage is BEST described asContinuous Testing in DevOps meansIn the V model of SDLC, system testing corresponds to'Test data' management addressesIn ISTQB terminology, a 'test oracle' isAcceptance Test Driven Development (ATDD) emphasisesTest Driven Development uses the rhythm ofRecovery testing simulates