1 / 5
The pipeline should ___ dependencies for known CVEs.
-
-
-
-
You scan dependencies for CVEs. Scan is the precise technical verb; the others are vague. So scan dependencies for CVEs.
2 / 5
We use SAST tools to ___ security flaws in source code.
-
-
-
-
SAST tools detect security flaws. Detect is the precise collocation; the others are less technical. So detect security flaws.
3 / 5
Teams should ___ critical vulnerabilities within 24 hours of discovery.
-
-
-
-
You remediate vulnerabilities. Remediate is the exact technical collocation; the others are informal. So remediate critical vulnerabilities.
4 / 5
We need to ___ a security report to auditors after each scan.
-
-
-
-
You submit a security report. Submit is the standard collocation; the others are informal. So submit a security report.
5 / 5
The scanner will ___ findings by severity to help teams prioritise.
-
-
-
-
The scanner prioritises findings. Prioritise is the precise collocation; the others are informal. So prioritise findings by severity.