Microsoft Enlists Endor Labs To Integrate SCA Tool With CNAPP
DevOps.com, Monday, November 25th, 2024
Microsoft has tapped Endor Labs to incorporate a software composition analysis (SCA) tool into its cloud-native application protection platform (CNAPP).
Lara Goldstein, a security product manager for Microsoft, said after evaluating multiple SCA tools the decision to partner with Endor Labs to add an SCA tool to the Microsoft Cloud Defender platform was made because that approach provided deeper insights into the actual reachability of any vulnerability discovered. That's critical because it reduces the number of potential issues that application development teams would have to investigate, she said.
Endor Labs earlier this year added analytic capabilities to its SCA tool that makes it possible to determine, for example, how challenging it might prove to upgrade an open-source software package, including its potential to break an application.