Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?
A. OWASP ZAP
B. Jenkins
C. Code Style
D. WhiteSource Bolt
Correct Answer: D
WhiteSource provides WhiteSource Bolt, a lightweight open source security and management solution developed specifically for integration with Azure DevOps and Azure DevOps Server.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. Black Duck
2. WhiteSource Bolt
Other incorrect answer options you may see on the exam include the following:
1. Microsoft Visual SourceSafe
2. PDM
3. SourceGear
4. SourceGear Vault