Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops.

Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?
A. Perform additional SAST/DAST on the open-source libraries.
B. Implement the SDLC security guidelines.
C. Track the library versions and monitor the CVE website for related vulnerabilities.
D. Perform unit testing of the open-source libraries.

Answer: B

Explanation:

Reference: https://www.whitesourcesoftware.com/resources/blog/application-security-best-practices/

Latest CAS-004 Dumps Valid Version with 128 Q&As
