An organization recently released a software assurance policy that requires developers to run code scans each
night on the repository. After the first night, the security team alerted the developers that more than 2,000
findings were reported and need to be addressed. Which of the following is the MOST likely cause for the high
number of findings?
A. The vulnerability scanner was not properly configured and generated a high number of false positives.
B. Third-party libraries have been loaded into the repository and should be removed from the codebase.
C. The vulnerability scanner found several memory leaks during runtime, causing duplicate reports for the
same issue.
D. The vulnerability scanner was not loaded with the correct benchmarks and needs to be updated.
night on the repository. After the first night, the security team alerted the developers that more than 2,000
findings were reported and need to be addressed. Which of the following is the MOST likely cause for the high
number of findings?
A. The vulnerability scanner was not properly configured and generated a high number of false positives.
B. Third-party libraries have been loaded into the repository and should be removed from the codebase.
C. The vulnerability scanner found several memory leaks during runtime, causing duplicate reports for the
same issue.
D. The vulnerability scanner was not loaded with the correct benchmarks and needs to be updated.