MEAPSA

Software Composition Analysis

This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines.

Administrator

Developer

DevOps Engineer

Security Engineer

Security Operations Analyst

Service Adoption Specialist

Solution Architect

Technology Manager

Azure

GitHub

Artifacts

Boards

Cloud Services

Azure DevOps

Pipelines

Repos

Test Plans

Module Objectives

By the end of this module, you'll be able to:

Inspect and validate code bases for compliance
Integrate security tools like WhiteSource with Azure DevOps
Implement pipeline security validation
Interpret alerts from scanning tools
Configure GitHub Dependabot alerts and security

Units

Introduction min
Inspect and validate code bases for compliance min
Explore software composition analysis (SCA) min
Integrate Mend with Azure Pipelines min
Implement GitHub Dependabot alerts and security updates min
Integrate software composition analysis checks into pipelines min
Examine tools for assess package security and license rate min
Interpret alerts from scanner tools min
Implement security and compliance in an Azure Pipeline min
Knowledge check min
Summary min

Prerequisites

None