According to Vehent, how can you ensure that your code is always being checked for vulnerabilities as part of a DevOps pipeline?
Group of answer choices
Run a vulnerability scanner in CI that will run every time code is checked into the repository.
Run a vulnerability scanner manually, whenever the security team needs to randomly audit the application.
Have a colleague review your code before checking it into the repository. They might catch a vulnerability that you missed.
Deploy another EC2 instance as part of the pipeline that contains a vulnerability scanner, which will run every time a new cloud resource is deployed.
Answer)
When we need to check the code being deployed for vulnerabilities
as part of a DevOps pipeline, we need to set something automated
which runs every time when the code is deployed, thus the correct
choice is:
Deploy another EC2 instance as part of the pipeline that contains a
vulnerability scanner, which will run every time a new cloud
resource is deployed.
Manually checking or colleague review or running the vulnerability scanner manually would lead to adhoc results, but having the EC2 instance as part of the pipeline that contains a vulnerability scanner is the correct choice since it will check for the deployed code every time and is this more reliable.
**Please Hit Like if you appreciate my answer. For further doubts on the answer please drop a comment, I'll be happy to help. Thanks for posting.**
Get Answers For Free
Most questions answered within 1 hours.