- The OWASP Top 10 and the details of every type of risk can be found at https://www.owasp.org/index.php/Top_10-2017_Top_10.
- WhiteSource Bolt can be found on the Azure DevOps marketplace at https://marketplace.visualstudio.com/items?itemName=whitesource.ws-bolt.
- A detailed walk-through on using the OWASP ZAP can be found at https://devblogs.microsoft.com/premier-developer/azure-devops-pipelines-leveraging-owasp-zap-in-the-release-pipeline/.
- More information about the Azure Policy resource types and JSON specifications can be found as part of the ARM reference at https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/allversions.
- More information about the continuous delivery tools for Visual Studio can be found at https://marketplace.visualstudio.com/items?itemName=VSIDEDevOpsMSFT.ContinuousDeliveryToolsforVisualStudio.
- More information about the Microsoft Security Code Analysis Extension can be found at https://secdevtools.azurewebsites.net/helpcredscan.html.
- More information about WhiteSource Bolt and WhiteSource can be found at https://bolt.whitesourcesoftware.com/ and https://www.whitesourcesoftware.com/.
- More information about Black Duck can be found at https://www.blackducksoftware.com/.
- More information about Veracode can be found at https://www.veracode.com/.
- More information about Checkmarx can be found at https://info.checkmarx.com.