Invicti is expanding its application security testing capabilities by adding comprehensive SCA to complement its existing SAST and DAST capabilities. Through a strategic partnership with Mend, Invicti now offers static SCA on its AppSec platform, enhancing its supply-chain security capabilities.
To provide multiple layers of component security checking, Mend SCA operates at both the code level and container level on the Invicti platform. Results from code and container SCA are reported alongside DAST, SAST, IAST, and API Security results for centralized visibility.
Supply-chain security from the inside and out
Software composition analysis (SCA) is crucial in today’s application security landscape, and Invicti’s partnership with Mend combines static and dynamic component analysis for actionable results and broader coverage.
Invicti’s DAST-based approach to supply-chain security combines various vulnerability testing avenues, including security checks on running components and tech stack components, to provide comprehensive security coverage.
Homing in on pre-packaged components with Container Security
Container Security powered by Mend complements dynamic testing on the Invicti platform with static analysis of container components. This helps in identifying and addressing vulnerabilities in containerized components early in the development process.
One platform for dynamic and static testing of code, components, and containers
Through its partnership with Mend, Invicti combines dynamic and static testing capabilities to provide comprehensive vulnerability insights on a single platform. This includes testing running apps, analyzing source code, detecting vulnerable libraries, and checking containers for security issues.
