{"id":4670,"date":"2026-06-04T11:14:39","date_gmt":"2026-06-04T10:14:39","guid":{"rendered":"https:\/\/euroone.hu\/?p=4670"},"modified":"2026-06-04T11:14:39","modified_gmt":"2026-06-04T10:14:39","slug":"understanding-your-software-ingredients-matters","status":"publish","type":"post","link":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/","title":{"rendered":"Understanding your software ingredients matters"},"content":{"rendered":"\n<p>Modern software is built not only from custom code but also from open-source libraries, frameworks, and third-party packages. While this speeds up development, it also introduces security, licensing, and maintenance risks that organizations need to understand and manage.   <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Applications depend on more than internal code<\/h2>\n\n\n\n<p>Most applications rely heavily on external components for functions such as authentication, logging, database access, and user interfaces. <\/p>\n\n\n\n<p>These dependencies include both direct dependencies, which developers intentionally add, and transitive dependencies, which are automatically pulled in by other packages. A single framework can introduce dozens or even hundreds of additional components that become part of the final application. <\/p>\n\n\n\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a220a7bd1bc9&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a220a7bd1bc9\" class=\"wp-block-image size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together-1024x576.png\" alt=\"\" class=\"wp-image-4685\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together-1024x576.png 1024w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together-300x169.png 300w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together-768x432.png 768w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together-1536x864.png 1536w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/the_moder_application_is_not_written_it_is_put_together.png 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Enlarge\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><br>Looking beyond source code<\/h2>\n\n\n\n<p>Reviewing and testing internally developed code remains important, but it provides only part of the picture.  <\/p>\n\n\n\n<p>What is ultimately deployed contains not only proprietary code but also third-party components, licenses, metadata, and potential vulnerabilities. Organizations therefore need visibility into everything included in the final software package. <\/p>\n\n\n\n<p>This is the role of Software Composition Analysis (SCA). <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What SCA helps you discover<\/h2>\n\n\n\n<p>SCA provides insight into the components that make up an application and the risks associated with them. <\/p>\n\n\n\n<p>A typical SCA solution can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>identify component versions;<\/li>\n\n\n\n<li>detect known vulnerabilities;<\/li>\n\n\n\n<li>reveal licensing obligations;<\/li>\n\n\n\n<li>highlight outdated or unsupported packages;<\/li>\n\n\n\n<li>trace dependency relationships;<\/li>\n\n\n\n<li>generate an SBOM (Software Bill of Materials).<\/li>\n<\/ul>\n\n\n\n<p>Unlike package managers, SCA tools add security, compliance, and risk context to dependency information.  <\/p>\n\n\n\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a220a7bd3324&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a220a7bd3324\" class=\"wp-block-image size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer-1024x576.png\" alt=\"\" class=\"wp-image-4686\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer-1024x576.png 1024w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer-300x169.png 300w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer-768x432.png 768w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer-1536x864.png 1536w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/what_does_the_sca_offer.png 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Enlarge\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><br>Growing risks in the software supply chain<\/h2>\n\n\n\n<p>Attackers increasingly target software supply chains rather than applications directly. Build environments, CI\/CD systems, and package repositories have become common attack vectors. <\/p>\n\n\n\n<p>Typical risks include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>vulnerable or outdated packages;<\/li>\n\n\n\n<li>abandoned dependencies;<\/li>\n\n\n\n<li>leaked credentials or secrets;<\/li>\n\n\n\n<li>malicious packages;<\/li>\n\n\n\n<li>typosquatting attacks;<\/li>\n\n\n\n<li>dependency confusion attacks.<\/li>\n<\/ul>\n\n\n\n<p>In some cases, malicious code can execute during package installation, compromising systems before the application even runs. <\/p>\n\n\n\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a220a7bd4752&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a220a7bd4752\" class=\"wp-block-image size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages-1024x576.png\" alt=\"\" class=\"wp-image-4687\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages-1024x576.png 1024w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages-300x169.png 300w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages-768x432.png 768w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages-1536x864.png 1536w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/limitation_of_common_security_controls_when_scanning_3rd_party_packages.png 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Enlarge\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><br>AI adds a new challenge<\/h2>\n\n\n\n<p>AI-assisted development tools can improve productivity, but they may also recommend non-existent package names. <\/p>\n\n\n\n<p>Attackers can exploit this by publishing malicious packages under those names. If developers or automated tools install them, the software supply chain may be compromised. <\/p>\n\n\n\n<p>As a result, supply chain security now extends beyond vulnerability management to include development practices, build processes, and AI-assisted workflows. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Managing findings effectively<\/h2>\n\n\n\n<p>The first SCA scan of a mature application often reveals a large number of issues. This does not necessarily indicate poor development practices; vulnerabilities, outdated dependencies, and licensing risks naturally accumulate over time if external components are not continuously maintained. <\/p>\n\n\n\n<p>The key is prioritization. Teams need to determine which findings represent real risk in the context of the application and which can be addressed later. Some results may also be false positives, but transitive dependencies should not be ignored, as vulnerabilities deep in the dependency chain can still become exploitable.  <\/p>\n\n\n\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a220a7bd59a2&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a220a7bd59a2\" class=\"wp-block-image size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction-1024x576.png\" alt=\"\" class=\"wp-image-4688\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction-1024x576.png 1024w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction-300x169.png 300w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction-768x432.png 768w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction-1536x864.png 1536w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/emotional_curve_of_sca_intoruduction.png 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Enlarge\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><br>Assess or update?<\/h2>\n\n\n\n<p>A common SCA challenge is deciding whether to analyze a finding in depth or simply upgrade the affected component. In many cases, verifying that a vulnerability is not exploitable requires almost as much effort as applying an update. <\/p>\n\n\n\n<p>Overriding transitive dependencies directly can also create compatibility risks if the parent dependency was not tested with the newer version. <\/p>\n\n\n\n<p>Often, the safer approach is to upgrade the direct dependency to a version that already includes a secure transitive component. SCA tools can help identify the appropriate update needed to eliminate vulnerabilities deeper in the dependency chain. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">SCA throughout the development lifecycle<\/h2>\n\n\n\n<p>SCA should not be treated as a single CI\/CD pipeline check. <\/p>\n\n\n\n<p><strong>It can help developers evaluate new dependencies, verify the contents of release artifacts, generate SBOMs, and continuously monitor deployed applications for newly disclosed vulnerabilities.<\/strong><\/p>\n\n\n\n<p>This ongoing visibility enables faster response when security issues emerge. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">When to introduce SCA<\/h2>\n\n\n\n<p>The right time to adopt SCA depends on business risk, customer expectations, and regulatory requirements.  <\/p>\n\n\n\n<p>Many organizations start with monitoring and reporting before enforcing stricter policies. This gradual approach improves visibility without disrupting development workflows.  <\/p>\n\n\n\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a220a7bd707b&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a220a7bd707b\" class=\"wp-block-image size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca-1024x576.png\" alt=\"\" class=\"wp-image-4689\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca-1024x576.png 1024w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca-300x169.png 300w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca-768x432.png 768w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca-1536x864.png 1536w, https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/when_to_introduce_sca.png 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Enlarge\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><br>Final thoughts<\/h2>\n\n\n\n<p>Open-source and third-party components are essential to modern software development. The challenge is not avoiding them but understanding and managing them effectively.  <\/p>\n\n\n\n<p>SCA helps organizations identify what their applications contain, assess associated risks, maintain compliance, and respond quickly when vulnerabilities are discovered. In today&#8217;s software ecosystem, knowing your dependencies is just as important as knowing your own code. <\/p>\n\n\n\n<p>Read the full article on our International subsidiary\u2019s website by clicking on the logo:<a href=\"https:\/\/socwise.eu\/ai-analyst-a-new-level-in-the-soc\/?utm_source=EO_blog&amp;utm_medium=clickthrough_Adam_Networkshop\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/socwise.eu\/why-ai-must-also-transform-security\/?utm_source=EO_blog&amp;utm_medium=clickthrough_AI_trans_sec\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/socwise.eu\/ai-in-soc-a-revolutionary-opportunity-or-just-another-technological-dead-end\/?utm_source=EO_blog&amp;utm_medium=clickthrough_EIVOK\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/socwise.eu\/lessons-learned-from-the-cybercon26-conference\/?utm_source=EO_blog&amp;utm_medium=clickthrough_cybercon26\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/socwise.eu\/hackers-may-have-compromised-the-github-accounts-of-thousands-of-users\/?utm_source=EO_blog&amp;utm_medium=clickthrough_megalodon_attack\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><a href=\"https:\/\/socwise.eu\/not-enough-to-know-what-were-developingalso-need-to-know-what-its-made-of\/?utm_source=EO_blog&amp;utm_medium=clickthrough_SCA_article\" target=\"_blank\" rel=\" noreferrer noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"488\" height=\"329\" src=\"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/10\/socwise-poweredArtboard-1@4x-100.jpg\" alt=\"\" class=\"wp-image-1534\" style=\"width:220px\" srcset=\"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/10\/socwise-poweredArtboard-1@4x-100.jpg 488w, https:\/\/euroone.hu\/wp-content\/uploads\/2024\/10\/socwise-poweredArtboard-1@4x-100-300x202.jpg 300w\" sizes=\"auto, (max-width: 488px) 100vw, 488px\" \/><\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Open source accelerates development but creates new vulnerabilities. SCA helps identify, manage, and mitigate supply chain risks. <\/p>\n","protected":false},"author":3,"featured_media":4669,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[87],"tags":[],"class_list":["post-4670","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Understanding your software ingredients matters - EURO ONE<\/title>\n<meta name=\"description\" content=\"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Understanding your software ingredients matters - EURO ONE\" \/>\n<meta property=\"og:description\" content=\"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\" \/>\n<meta property=\"og:site_name\" content=\"EURO ONE Sz\u00e1m\u00edt\u00e1stechnikai Zrt.\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/euroone\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-04T10:14:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1344\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Mancz\u00e1k Rich\u00e1rd\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mancz\u00e1k Rich\u00e1rd\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\"},\"author\":{\"name\":\"Mancz\u00e1k Rich\u00e1rd\",\"@id\":\"https:\/\/euroone.hu\/#\/schema\/person\/a07dfdf169ad4d7ad526398a17dbcb96\"},\"headline\":\"Understanding your software ingredients matters\",\"datePublished\":\"2026-06-04T10:14:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\"},\"wordCount\":720,\"publisher\":{\"@id\":\"https:\/\/euroone.hu\/#organization\"},\"image\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png\",\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\",\"url\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\",\"name\":\"Understanding your software ingredients matters - EURO ONE\",\"isPartOf\":{\"@id\":\"https:\/\/euroone.hu\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png\",\"datePublished\":\"2026-06-04T10:14:39+00:00\",\"description\":\"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.\",\"breadcrumb\":{\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage\",\"url\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png\",\"contentUrl\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png\",\"width\":2560,\"height\":1344},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Kezd\u0151lap\",\"item\":\"https:\/\/euroone.hu\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Understanding your software ingredients matters\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/euroone.hu\/#website\",\"url\":\"https:\/\/euroone.hu\/\",\"name\":\"Euroone\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/euroone.hu\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/euroone.hu\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/euroone.hu\/#organization\",\"name\":\"Euroone\",\"url\":\"https:\/\/euroone.hu\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/euroone.hu\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/09\/EURO-ONE-szines-logo.png\",\"contentUrl\":\"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/09\/EURO-ONE-szines-logo.png\",\"width\":741,\"height\":768,\"caption\":\"Euroone\"},\"image\":{\"@id\":\"https:\/\/euroone.hu\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/euroone\",\"https:\/\/www.linkedin.com\/company\/euro-one\/\",\"https:\/\/www.youtube.com\/@euroonezrt\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/euroone.hu\/#\/schema\/person\/a07dfdf169ad4d7ad526398a17dbcb96\",\"name\":\"Mancz\u00e1k Rich\u00e1rd\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/euroone.hu\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/37677d3586c5a3e5e28c7713cc9b9d23ab531d902697720841f10cc10264deba?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/37677d3586c5a3e5e28c7713cc9b9d23ab531d902697720841f10cc10264deba?s=96&d=mm&r=g\",\"caption\":\"Mancz\u00e1k Rich\u00e1rd\"},\"url\":\"https:\/\/euroone.hu\/en\/author\/richard-manczak\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Understanding your software ingredients matters - EURO ONE","description":"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/","og_locale":"en_US","og_type":"article","og_title":"Understanding your software ingredients matters - EURO ONE","og_description":"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.","og_url":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/","og_site_name":"EURO ONE Sz\u00e1m\u00edt\u00e1stechnikai Zrt.","article_publisher":"https:\/\/www.facebook.com\/euroone","article_published_time":"2026-06-04T10:14:39+00:00","og_image":[{"width":2560,"height":1344,"url":"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png","type":"image\/png"}],"author":"Mancz\u00e1k Rich\u00e1rd","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Mancz\u00e1k Rich\u00e1rd","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#article","isPartOf":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/"},"author":{"name":"Mancz\u00e1k Rich\u00e1rd","@id":"https:\/\/euroone.hu\/#\/schema\/person\/a07dfdf169ad4d7ad526398a17dbcb96"},"headline":"Understanding your software ingredients matters","datePublished":"2026-06-04T10:14:39+00:00","mainEntityOfPage":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/"},"wordCount":720,"publisher":{"@id":"https:\/\/euroone.hu\/#organization"},"image":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage"},"thumbnailUrl":"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png","articleSection":["Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/","url":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/","name":"Understanding your software ingredients matters - EURO ONE","isPartOf":{"@id":"https:\/\/euroone.hu\/#website"},"primaryImageOfPage":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage"},"image":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage"},"thumbnailUrl":"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png","datePublished":"2026-06-04T10:14:39+00:00","description":"Supply chain attacks, AI risks, and hidden dependencies: SCA helps you identify and address threats in a timely manner.","breadcrumb":{"@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#primaryimage","url":"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png","contentUrl":"https:\/\/euroone.hu\/wp-content\/uploads\/2026\/06\/pSCA@4x-scaled.png","width":2560,"height":1344},{"@type":"BreadcrumbList","@id":"https:\/\/euroone.hu\/en\/understanding-your-software-ingredients-matters\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Kezd\u0151lap","item":"https:\/\/euroone.hu\/en\/"},{"@type":"ListItem","position":2,"name":"Understanding your software ingredients matters"}]},{"@type":"WebSite","@id":"https:\/\/euroone.hu\/#website","url":"https:\/\/euroone.hu\/","name":"Euroone","description":"","publisher":{"@id":"https:\/\/euroone.hu\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/euroone.hu\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/euroone.hu\/#organization","name":"Euroone","url":"https:\/\/euroone.hu\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/euroone.hu\/#\/schema\/logo\/image\/","url":"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/09\/EURO-ONE-szines-logo.png","contentUrl":"https:\/\/euroone.hu\/wp-content\/uploads\/2024\/09\/EURO-ONE-szines-logo.png","width":741,"height":768,"caption":"Euroone"},"image":{"@id":"https:\/\/euroone.hu\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/euroone","https:\/\/www.linkedin.com\/company\/euro-one\/","https:\/\/www.youtube.com\/@euroonezrt"]},{"@type":"Person","@id":"https:\/\/euroone.hu\/#\/schema\/person\/a07dfdf169ad4d7ad526398a17dbcb96","name":"Mancz\u00e1k Rich\u00e1rd","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/euroone.hu\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/37677d3586c5a3e5e28c7713cc9b9d23ab531d902697720841f10cc10264deba?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/37677d3586c5a3e5e28c7713cc9b9d23ab531d902697720841f10cc10264deba?s=96&d=mm&r=g","caption":"Mancz\u00e1k Rich\u00e1rd"},"url":"https:\/\/euroone.hu\/en\/author\/richard-manczak\/"}]}},"_links":{"self":[{"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/posts\/4670","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/comments?post=4670"}],"version-history":[{"count":6,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/posts\/4670\/revisions"}],"predecessor-version":[{"id":4697,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/posts\/4670\/revisions\/4697"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/media\/4669"}],"wp:attachment":[{"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/media?parent=4670"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/categories?post=4670"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/euroone.hu\/en\/wp-json\/wp\/v2\/tags?post=4670"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}