In a DevSecOps pipeline, at which stage is it most cost-effective to identify and remediate security vulnerabilities?
-
A
During production incident response after exploitation
-
B
During post-deployment penetration testing
-
C
During the design and development phase (shift-left security)
-
D
During the final QA acceptance testing phase