v2.4.0

Security Stack Summary

Eight security domains: SAST (Semgrep/SonarQube), SCA (Dependabot/Snyk), container scanning (Trivy/Grype), SBOM generation (Syft/CycloneDX), secrets management (HashiCorp Vault/AWS Secrets Manager), artefact signing (Sigstore Cosign), API security (OAuth 2.0 + mTLS + rate limiting), and penetration testing (annual, covering full stack plus AI-specific vectors). See for the detailed treatment.

Key outputs

  • Eight security domain coverage
  • Tooling options per domain
  • Annual penetration testing requirement