Correction, at one point I said Deepfence but I meant Deepfactor!
Understanding SCA and Container Vulnerability Scanning: What You Need to Know
This video by discusses the evolution and differences between Software Composition Analysis (SCA) scanning and container vulnerability scanning, highlighting their convergence over time. The presenter explains the concepts using examples in JavaScript and Python, demonstrating how these scans identify vulnerabilities in application dependencies.
Tools and Resources:
1. Insecure Testing Resources - github.com/latiotech/insecure...
2. Vendors Mentioned: Oligo www.oligo.security/, Kodem www.kodemsecurity.com/, Ox www.ox.security/, and Deepfactor www.deepfactor.io/
3. Free tools: Snyk Test docs.snyk.io/snyk-cli/command..., Trivy github.com/aquasecurity/trivy
00:00 Understanding the Evolution of Container Scanning
00:59 Examples of SCA and Container
02:27 New Generation of Scanning Tools
03:35 Comparing SCA and Container Scanning Tools in Action
07:43 The Importance of Runtime Context in Security Scanning
08:40 Showcasing the Future of Vulnerability Scanning with Kodem and Oligo
09:47 Conclusion: The Next Generation of Security Tools