SCA is good, but application security needs to evolve to tackle supply chain security
Software Composition Analysis (SCA) tools have become a must-have for software engineering and application security teams, largely because of the increased use of open-source and third-party software. Open-source software (OSS) use in applications is estimated to range from 40% to more than 80%.