1100 XP

Software Composition Analysis

27 min
Module
10 Units

Advanced

Administrator

Developer

DevOps Engineer

Security Engineer

Security Operations Analyst

Service Adoption Specialist

Solution Architect

Technology Manager

Azure

Azure Artifacts

Azure Boards

Azure Cloud Services

Azure DevOps

Azure Pipelines

Azure Repos

Azure Test Plans

GitHub

This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines.

Learning objectives

By the end of this module, you are able to:

Inspect and validate code bases for compliance.
Integrate security tools like WhiteSource with Azure DevOps.
Implement pipeline security validation.
Interpret alerts from scanning tools.
Configure GitHub Dependabot alerts and security.

Start

Prerequisites

None

This module is part of these learning paths

AZ-400: Implement security and validate code bases for compliance

Introduction 1 min
Inspect and validate code bases for compliance 3 min
Explore software composition analysis (SCA) 4 min
Implement GitHub Dependabot alerts and security updates 2 min
Integrate software composition analysis checks into pipelines 4 min
Examine tools for assess package security and license rate 2 min
Automate container scanning, including container images 3 min
Interpret alerts from scanner tools 2 min
Module assessment 5 min
Summary 1 min

Module assessment

Assess your understanding of this module. Sign in and answer all questions correctly to earn a pass designation on your profile.

Take the module assessment