Question 060

### Which of these is true about code scanning? (Choose two.) > https://docs.github.com/en/code-security/supply-chain-security/end-to-end-supply-chain/securing-code#scan-your-code-for-vulnerable-patterns - [x] Code scanning helps finding insecure code patterns which can be missed by manual code review. - [x] Code scanning can be integrated into the CI pipeline to find security issues early in the development process. - [ ] Code scanning is a replacement for manual code review. - [ ] Code scanning helps finding any leaked credentials in the codebase such as API keys or cloud credentials. > That is secret scanning - [ ] Code scanning scans your code to search for all dependencies and their versions to find any vulnerable dependencies.