Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?

During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application.

Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?
A . Conduct regular red team exercises over the application in production
B . Ensure that all implemented coding libraries are regularly checked
C . Use application security scanning as part of the pipeline for the CI/CDflow
D . Implement proper input validation for any data entry form

View Answer

Answer: C

Explanation:

Application security scanning is a process that involves testing and analyzing applications for security vulnerabilities, such as injection flaws, broken authentication, cross-site scripting, and insecure configuration. Application security scanning can help identify and fix security issues before they become exploitable by attackers. Using application security scanning as part of the pipeline for the continuous integration/continuous delivery (CI/CD) flow can help mitigate the problem of finding the same vulnerabilities in a critical application during security scanning. This is because application security scanning can be integrated into the development lifecycle and performed automatically and

frequently as part of the CI/CD process.