No organization exists in an operational vacuum. It’s a natural law of software development that your world will collide with other projects. It is inevitable to share responsibility between customers, vendors, partners, and the open-source ecosystem. In a past life, I worked with insurance carriers that each had stringent security policies placed on their partners. One of those policies included scanning all production code for known vulnerabilities. In this post, I’ll show you how to scan your system for security vulnerabilities throughout your development lifecycle.