Updated specific locations to be searchable, take a look at Las Vegas as an example.

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

5
Should we run SAST and SCA scans after or before a build in the pipeline?
Post Flair (click to view more posts with a particular flair)
Concepts
Post Body

We are using a SAST SCA vendor tool and want to know whether we should be running it before or after a build? We had some issues with the tool in that the build created too many files that were too many LOC for the tool to handle so we had to move it before. Another reason was that it picked up unrelated vulnerabilities that were related to source control (that was unused) which was different from scanning it via manually, which was another reason why we moved it before the build.

Is this recommended, what is the standard practice, should we run it before or after the build?

Author
Account Strength
70%
Account Age
3 years
Verified Email
Yes
Verified Flair
No
Total Karma
783
Link Karma
397
Comment Karma
274
Profile updated: 5 days ago
VertigoRoll

Subreddit

r/AskNetsec

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
9 months ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/AskNetsec/c...