When our application gets deployed through our Continuous Delivery pipeline, we want to know that our code is secure and does not have vulnerable packages installed, so that we don't get owned.
Build continuous security into our delivery pipeline, so that we monitor our applications for defects and known vulnerabilities, constantly!
Our starter kits ship out of the box with nsp to scan the package.json for any known vulnerabilities. Our pipeline will fail if any are found.
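
One way to wire the "pipeline fails if any are found" step so that it also fails closed, written as an added example and not the starter kits' own script. The function name dependency_gate and its return codes are hypothetical; it assumes the scanner (nsp check here) exits 0 when clean and 1 when it reports findings. nsp itself has since been retired in favour of npm audit, which can be passed in its place.

```shell
#!/bin/sh
# Added example: dependency gate for a delivery pipeline step.
# Usage:  dependency_gate <project-dir> <scanner> [args...]
#   e.g.  dependency_gate . nsp check
# Assumption: the scanner exits 0 when clean and 1 when it has findings.
# Returns: 0 = clean, 1 = findings, 2 = gate could not run (still a failure).
dependency_gate() {
    if [ "$#" -lt 2 ]; then
        echo "usage: dependency_gate <project-dir> <scanner> [args...]" >&2
        return 2
    fi
    project_dir=$1
    shift
    # Nothing to scan is a pipeline misconfiguration, not a pass.
    if [ ! -f "$project_dir/package.json" ]; then
        echo "gate: $project_dir/package.json not found" >&2
        return 2
    fi
    # Fail closed: a missing scanner must never look like a clean scan.
    if ! command -v "$1" >/dev/null 2>&1; then
        echo "gate: scanner '$1' is not installed" >&2
        return 2
    fi
    status=0
    # Run the scanner from the project directory and capture its exit code.
    ( cd "$project_dir" && "$@" ) || status=$?
    case "$status" in
        0) echo "gate: no known vulnerabilities reported" ;;
        1) echo "gate: known vulnerabilities found, failing build" >&2 ;;
        *) echo "gate: scanner error (exit $status), failing build" >&2
           status=2 ;;
    esac
    return "$status"
}
```

Any non-zero return should stop the deployment; keeping code 2 separate from code 1 lets the pipeline report a broken scan step differently from a real finding.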
TODO
TODO
@delivery @security