A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month, the security team filed a bug for an insecure version of a common library. The DevOps team updated the library on the server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security team found the same vulnerability on the server.
Which of the following should be done to correct the cause of the vulnerability?
- Deploy a WAF in front of the application.
- Implement a software repository management tool.
- Install a HIPS on the server.
- Instruct the developers to use input validation in the code