Software Composition Analysis

Advanced
Administrator
Developer
DevOps Engineer
Security Engineer
Security Operations Analyst
Service Adoption Specialist
Solution Architect
Technology Manager
Azure
Artifacts
Boards
Cloud Services
Azure DevOps
Pipelines
Repos
Test Plans
GitHub

This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines.

Learning objectives

By the end of this module, you'll be able to:

  • Inspect and validate code bases for compliance
  • Integrate security tools like WhiteSource with Azure DevOps
  • Implement pipeline security validation
  • Interpret alerts from scanning tools
  • Configure GitHub Dependabot alerts and security