You are designing the security validation strategy for a project in Azure DevOps.
You need to identify package dependencies that have known security issues and can be resolved by an update.
What should you use?
A . Octopus Deploy
B. Jenkins
C. Gradle
D. SonarQube
Answer: D
Explanation:
With enterprise level of SonarQube you can use OWASP that runs the
security scans for known vulnerabilities. https://www.sonarqube.org/features/security/
https://www.sonarqube.org/features/security/owasp/?gclid=Cj0KCQiAzZL-BRDnARIsAPCJs70Teq0-efI2Hd_h-kykCB7I_C7L88Q7kpiuTzuD6Xw1jUb6ZqIP7O0aApVzEALw_wcB
Latest AZ-400 Dumps Valid Version with 289 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund