Software composition
The Software composition dimension helps you identify and mitigate risks associated with your packages and components based on several key indicators of reliability, maintainability, and security in your supply chain.
IBM® Sovereign Core Compliance center fetches a set of reliability checks and generates an aggregate score measuring the reliability of each package. Based on its assessment, IBM Sovereign Core Compliance center recommends specific actions you can take to address risks, such as those related to outdated or unsupported packages, licenses compliance issues, and exploitable vulnerabilities.