Software Composition Analysis

Module
11 Units

Advanced

Administrator

Developer

DevOps Engineer

Security Engineer

Security Operations Analyst

Service Adoption Specialist

Solution Architect

Technology Manager

Azure

Azure Artifacts

Azure Boards

Azure Cloud Services

Azure DevOps

Azure Pipelines

Azure Repos

Azure Test Plans

GitHub

This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines.

Learning objectives

By the end of this module, you'll be able to:

Inspect and validate code bases for compliance
Integrate security tools like WhiteSource with Azure DevOps
Implement pipeline security validation
Interpret alerts from scanning tools
Configure GitHub Dependabot alerts and security

Prerequisites

None

Introduction min
Inspect and validate code bases for compliance min
Explore software composition analysis (SCA) min
Integrate Mend with Azure Pipelines min
Implement GitHub Dependabot alerts and security updates min
Integrate software composition analysis checks into pipelines min
Examine tools for assess package security and license rate min
Interpret alerts from scanner tools min
Implement security and compliance in an Azure Pipeline min
Knowledge check min
Summary min