Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
A . Microsoft Visual SourceSafe
B . PDM
C . WhiteSource
D . OWASP ZAP
Answer: C
Explanation:
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated denitive database of open source repositories.
Azure DevOps integration with WhiteSource Bolt will enable you to:
✑ Detect and remedy vulnerable open source components.
✑ Generate comprehensive open source inventory reports per project or build.
✑ Enforce open source license compliance, including dependencies’ licenses.
✑ Identify outdated open source libraries with recommendations to update.
References: https://www.azuredevopslabs.com/labs/vstsextend/WhiteSource/
Latest AZ-400 Dumps Valid Version with 289 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund