SCA in CI/CD pipeline Course

A look at software composition analysis in the CI/CD pipeline.

47 minutes

Course description

Neglecting to track and manage all of the open-source components in application is a mistake that could lead to disastrous results. This course focuses on software composition analysis and how to implement OWASP Dependency-Check, an open-source software composition analysis in the CI/CD pipeline.


Fixing SCA results & CVEs

Video - 00:11:00

How to fix SCA results and CVEs.
Common software vulnerabilities & mitigation

Video - 00:11:00

Identifying and mitigating common vulnerabilities.
Using OWASP Dependency-Check

Video - 00:13:00

Practical demonstration of OWASP Dependency-Check.
Software composition analysis

Video - 00:12:00

Open-source components and dependencies analysis.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust