A software team merges code from multiple feature branches every day. They want to reveal security gaps and functional problems as soon as new changes are introduced, and still maintain frequent releases. Which measure is the most effective in this situation?
Rely on manual checks before the final release is shipped
Trigger a single vulnerability scan each evening
Configure an automated process that runs tests and scanning whenever code is checked in
Schedule reviews when problems appear in the live environment
Automating tests and vulnerability scans to trigger at every code check-in ensures immediate feedback during daily merges. This approach minimizes the window where newly introduced flaws can go unnoticed, supporting secure continuous integration and fast release cycles. In contrast, nightly scans or delayed reviews increase the risk of undetected issues, while manual checks are error-prone and do not scale in agile environments.