From the course: Azure for DevOps: Continuous Integration
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Implementing a secure development process - Azure Tutorial
From the course: Azure for DevOps: Continuous Integration
Implementing a secure development process
- [Instructor] It's important to note that security vulnerabilities can pop up in your code even when it's working correctly, that is, it's syntactically accurate. A lot of time, these weaknesses in your code can be spotted during a code review or a pull request. But as humans, we tend to get distracted, rushed, or maybe we just miss something important as we were scanning through the code. That's why it's important to scan for vulnerabilities early. The term shift left can be applied to many facets of software development. But in this case, it means to push the security analysis earlier in the process. An example of a vulnerability might be the way the code smells. And, no, I'm not talking about literally sticking your nose in the code. But code smell is a term describing something that might be rotten. By definition code smells are subjective, and there's no tool that can identify all of them. Imagine if you…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.