Dependency-Track logo

Component Analysis, as defined by OWASP, is the process of identifying potential areas of risk from the use of third-party and open-source software and hardware components. Component Analysis is a function within an overall Cyber Supply Chain Risk Management (C-SCRM) framework.


Dependency-Track fulfills much of the guidance laid out by OWASP and SAFECode.