How does SCA work in SonarQube Advanced Security?

Time to complete icon 1 hour to complete

Overview

This course helps software developers and engineering leaders understand how Software Composition Analysis (SCA) mitigates and remedies dependency risks introduced by third-party open-source software. This course includes a product walkthrough that highlights the key SCA features in SonarQube Advanced Security 2025.3.

Learning objectives

After completing this course, you’ll be able to:

Explain how SCA addresses open-source software dependency risks.
Describe the benefits of SonarQube Advanced Security 2025.3.
Explain why it’s critical to integrate SCA into the SDLC.

Key topics

Fundamental concepts of SCA
How SCA addresses developer pain points
How SCA works in SonarQube Advanced Security
How to get started with SCA in SonarQube
Additional learning and resources

Target audience

DevOps engineer
Developer
Engineering leader
Analyst
Stakeholder

Prerequisites

Knowledge of SonarQube is recommended.
SonarQube Advanced Security is a product add-on to SonarQube that extends its security capabilities.

By category

SonarQube Cloud

SonarQube Server

Advanced Security

See all

By tag

Azure DevOps

Bitbucket

GitHub