Hey guys, I’m doing some research and trying to understand what type of security test people are doing on their code repo during CI. So, what do you do?
I statically test the source code for known vulnerabilities
I test for known vulnerabilities in open source dependencies
3) I test for known vulnerabilities in container images
4) I don’t have any automated security testing during CI
Please feel free to add any comment. Thanks in advance-MV.