.A security engineer was auditing an organization's current software development practice and discovered that multiple open- source libraries were Integrated into the organization's software. The organization currently performs SAST and DAST on the software it develops. Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries? A. Perform additional SAST/DAST on the open- source libraries. B. Implement the SDLC security guidelines. C. Track the library versions and monitor the CVE website for related vulnerabilities. D. Perform unit testing of the open-source libraries

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
icon
Concept explainers
Question
.A security engineer was auditing an
organization's current software development
practice and discovered that multiple open-
source libraries were Integrated into the
organization's software. The organization
currently performs SAST and DAST on the
software it develops. Which of the following
should the organization incorporate into the
SDLC to ensure the security of the open-source
libraries?
A. Perform additional SAST/DAST on the open-
source libraries.
B. Implement the SDLC security guidelines.
C. Track the library versions and monitor the CVE
website for related vulnerabilities.
D. Perform unit testing of the open-source
libraries
Is it B or C? Please explain
Transcribed Image Text:.A security engineer was auditing an organization's current software development practice and discovered that multiple open- source libraries were Integrated into the organization's software. The organization currently performs SAST and DAST on the software it develops. Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries? A. Perform additional SAST/DAST on the open- source libraries. B. Implement the SDLC security guidelines. C. Track the library versions and monitor the CVE website for related vulnerabilities. D. Perform unit testing of the open-source libraries Is it B or C? Please explain
Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 2 steps

Blurred answer
Knowledge Booster
Design of User Interface
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Similar questions
  • SEE MORE QUESTIONS
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education