Vulnerability Scanning - BUILD

The next stage in the CI/CD cycle is BUILD.

This is where the source code is taken and compiled into a build artifact. At this point, it's good to run vulnerability scanning against the built software.

Software Composition Analysis (SCA) - Checks Open Source components against known vulnerabilities

Dynamic Application Security Testing (DAST) - Vulnerability scanners run on completed (compiled) code
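
The SCA check described above, as an added example (not code from this page or from any particular scanner): a minimal build gate that matches pinned dependencies against an advisory list. The package names, versions, advisory IDs and the `name==version` manifest format are constructed assumptions; a real scan pulls its advisories from a vulnerability feed.

```python
import re

# Constructed advisory data: package -> [(advisory id, first fixed version)]
ADVISORIES = {
    "examplelib": [("EXAMPLE-0001", "2.4.1")],
    "demo-parser": [("EXAMPLE-0002", "1.0.0"), ("EXAMPLE-0003", "1.3.0")],
}

# Constructed manifest in pinned "name==version" form
MANIFEST = """\
# build dependencies
examplelib==2.3.9
Demo_Parser==1.2.0
safe-package==5.0.0
unpinned-package>=1.0
"""

PIN = re.compile(r"([A-Za-z0-9._-]+)==(\d+(?:\.\d+)*)")

def normalize(name):
    # Treat '-', '_' and '.' as equal and ignore case, so an alternate
    # spelling of a package name still matches its advisory entry.
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_version(text):
    # Dotted numeric version -> tuple; trailing zeros dropped so 1.0 == 1.0.0.
    parts = [int(p) for p in text.split(".")]
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def scan(manifest):
    findings, unresolved = [], []
    for raw in manifest.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = PIN.fullmatch(line)
        if not m:
            unresolved.append(line)  # no exact version, so it cannot be checked
            continue
        name, version = normalize(m.group(1)), m.group(2)
        for adv_id, fixed in ADVISORIES.get(name, []):
            if parse_version(version) < parse_version(fixed):
                findings.append((name, version, adv_id, fixed))
    return findings, unresolved

def gate(manifest):
    # Exit status for the BUILD stage: non-zero fails the pipeline.
    findings, unresolved = scan(manifest)
    return 1 if findings or unresolved else 0
```

Unpinned entries fail the gate here rather than passing silently, because a component whose version is unknown cannot be cleared against the advisory list.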
