Answer yes if your organisation performs security testing of all applications & systems during the build process. Please describe the security testing performed which could include, but is not limited to Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Infrastructure security testing.
Including security testing as part of your development lifecycle helps to ensure you identify and address security concerns early before they become live vulnerabilities. Identifying issues early in the process makes it much easier to remediate and prevent systemic issues in future.
The UK National Cyber Security Centre (NCSC) has produced some useful guidance on implementing security testing within your software development workflows.
If you would like to contribute to this article or provide feedback, please email firstname.lastname@example.org. Contributors will be recognised on our contributors page.
Please do not submit your answer on the knowledge base.