Vulnerability mitigation

Vulnerability scanning

An automated vulnerability scanner (Dependabot) runs every day to discover vulnerabilities in the dependencies of the JobTeaser code.

An automated vulnerability scanner (Trivy) runs on all Docker images created.

Static code analysis

Static code analysis runs on each change to the source code through our Continuous Integration (CI) pipeline to identify and report potential security vulnerabilities.

Penetration testing

Every year, JobTeaser engages a third-party security specialist to perform external penetration tests on different scopes of our platform and applications.