CAS-003 Exam: Best Practices for SDLC in Application Development

Question

The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team.

Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment.

Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code.

Which of the following is an SDLC best practice that should have been followed?

Answer

B.

Explanation

The best practice that should have been followed in this scenario is B: regression testing.

Regression testing is a critical part of the software development lifecycle (SDLC) that ensures that changes made to the codebase do not introduce new errors or vulnerabilities. It involves re-running an established suite of tests, including the security tests that passed on the previous version, against the changed code to identify any issues the change may have introduced.

In the given scenario, the director of sales asked for some small changes to increase the usability of the application used by the sales team. The development team, having already performed prior security reviews of the code that showed no significant vulnerabilities, pushed the changes to the live environment after a peer review.

However, subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. This indicates that the changes made to the codebase introduced new vulnerabilities that were not present in the previous version.

Had the development team followed the best practice of regression testing, they would have identified these new vulnerabilities before pushing the changes to the live environment. Regression testing would have involved running the existing test suite against the changed code to confirm that it still functioned as expected and did not introduce any new errors or vulnerabilities, regardless of how small the change appeared.

Therefore, in order to prevent the introduction of new vulnerabilities into the codebase, it is important to perform regression testing as part of the SDLC.
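As an added illustration, not part of the original question or explanation, the Python below shows a security regression suite acting as a release gate: a "small usability change" to a hypothetical sales-app helper drops HTML escaping, and the regression inputs, constructed for this example, catch it before deployment. All function names, the allow-list and the inputs are assumptions made for the illustration.

```python
"""Security regression suite that gates a release (constructed example)."""
import html
import re

# Version 1 of a hypothetical sales-app helper: renders a customer note into an HTML report.
# This is the version the earlier security review covered.
def render_note_v1(note: str) -> str:
    return f"<p>{html.escape(note)}</p>"

# The "small usability change": sales staff want <b> for emphasis. A naive implementation
# simply stops escaping. A peer review focused on the feature can miss that this
# reintroduces HTML injection into the report.
def render_note_v2(note: str) -> str:
    return f"<p>{note}</p>"

# The same feature implemented safely: escape everything, then re-enable only bare <b> and </b>.
def render_note_v3(note: str) -> str:
    escaped = html.escape(note)
    return "<p>" + escaped.replace("&lt;b&gt;", "<b>").replace("&lt;/b&gt;", "</b>") + "</p>"

# Regression corpus: constructed inputs that encode the security property the original
# review established (no raw tag other than the allow-list reaches the output).
# They are re-run unchanged against every new build.
ALLOWED_TAGS = {"<p>", "</p>", "<b>", "</b>"}
SECURITY_REGRESSION_INPUTS = [
    "<script>alert(1)</script>",
    "<img src=x onerror=alert(1)>",
    "<b onclick=alert(1)>quarterly target</b>",
]

def unexpected_tags(rendered: str) -> list[str]:
    """Return every raw HTML tag in the output that is not on the allow-list."""
    return [t for t in re.findall(r"<[^>]*>", rendered) if t not in ALLOWED_TAGS]

def run_security_regression(render) -> list[str]:
    """Run the corpus through a renderer; an empty list means no regression was detected."""
    failures = []
    for payload in SECURITY_REGRESSION_INPUTS:
        bad = unexpected_tags(render(payload))
        if bad:
            failures.append(f"{payload!r} produced raw tags {bad}")
    return failures

def release_gate(render) -> bool:
    """The SDLC check that should precede the push to production: ship only with no failures."""
    return run_security_regression(render) == []

if __name__ == "__main__":
    for name, fn in [("v1", render_note_v1), ("v2", render_note_v2), ("v3", render_note_v3)]:
        print(name, "ship" if release_gate(fn) else "BLOCKED", run_security_regression(fn))
```

Running the script shows v1 and v3 passing the gate while v2 is blocked with three recorded failures, which is the signal the team in the question never received.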