Comment by brazzy
2 months ago
Except that "clearance" invariably consists of bureaucratic rubber stamping and actually decreases security by making it harder and slower to fix newly discovered vulnerabilities.
2 months ago
Depends on the skills of the respective DevOps security team.
There are also tools that break CI/CD based on CVE reports from existing dependencies.