we are using ANZ 10.0 Angular/Core combined version, hosted in Azure, published thru DevOps pipeline.
We have need of implementing things like DAST (Dynamic Application Security Testing), SAST (Static Application Security Testing) and SCA (Software Composition Analysis) into our development/build process(es). There are plenty of tools on the market to do these things, but before beginning a potentially lengthy search, does the ASP.NET Zero team use any specific tools like this? Do you recommend any particular ones to cover the above type(s) of automated testing?
We only used OWASP ZAP, see https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Security-Test-Angular. This document might help you.