# SCA360: Flexible Deployment for Data Center/Cloud-Integrated Environments ## About Lineaje SCA360 Installation Lineaje SCA360 installation simplifies software composition analysis for organizations that cannot share source code externally due to compliance or privacy requirements. It bundles the SCA360 and its dependencies into a pre-configured Amazan Machine Image (AMI), making deployment on an Amazon Elastic Compute Cloud (EC2) instance fast and secure. With SCA360, you can scan source code repositories (e.g., GitHub) and container images (e.g., Amazon ECR) for vulnerabilities, enable auto-remediation of critical and high severity issues, generate Software Bill of Materials (SBOMs), and automate metadata uploads for vulnerability analysis and risk insights, all within your own environment. ## SCA360 Automated Workflow Overview After your CI/CD pipeline creates a metadata file with project details, repository URL, and image hash, and you upload it to Amazon S3, Lineaje SCA360 retrieves credentials securely from AWS Secrets Manager for private repositories and scans the source repository or container image within your environment, ensuring sensitive code remains private. After scanning, SCA360 sends a meta bomb, a tarball of dependency information, not source code, to the Lineaje tenant, where a fix plan is generated using gold open-source package. SCA360 applies fixes by creating a new branch, updating vulnerable dependencies, and optionally triggering your CI/CD pipelines for testing. If tests succeed, a pull request is raised for review and merge. This process uses AWS services such as EC2 for compute, S3 for storage, KMS for encryption, IAM roles for permissions, and Secrets Manager for secure token management, along with GitHub for source code hosting, enabling secure and automated SBOM generation and vulnerability remediation. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veedna.com/sca360-flexible-deployment-for-data-center-cloud-integrated-environments.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.