Continuous Integration/Continuous Delivery (CI/CD)

You are a software company and need to make a substantial revision to your software for a release. In your release process, you define the set of security controls that need to be included in the update, and can then build a test through AttackIQ’s platform to ensure that the security update works, running a static code analysis against the program. AttackIQ scans the code before it is released, enforcing a key protection, a credential pass, or any other security control specified in the code. Once this process is complete, you can create ways to test that the security works as intended through an automated test harness. This solution nests well in the DevOps team, who can do this work together transparently through a purple team security unit.