Embedding Federated Security Testing Across the SDLC Quiz

Better UI

Performance Testing

Security Practices

Marketing Automation

Delay testing until production

Move security tasks earlier in development

Eliminate the need for security tools

Let operations handle security alone

DAST

RASP

SAST

Penetration Testing

Infrastructure vulnerabilities

Network performance

Open-source library risks

User behavior

Gossip about the app

Database structures

API keys and credentials

Code logic bugs

Slower application performance

Unauthorized access to systems and dat

Code formatting issues

Higher cloud storage costs

It centralizes all security responsibilities in one team

It delays security testing until the release phase

It enables security testing at multiple stages by multiple teams

It only applies to containerized workloads

DAST

SAST

IaC Scanner

RASP

Scanning the source code

Protecting the application during runtime

Performing regression tests

Blocking code merges in Git

Developers get bonuses for early fixes

It avoids redesigning or re-testing late-stage code

Security teams charge more later

There’s no difference in cost