Two security skills that are part of the Continuous Integration aspect are application security and

penetration testing. Application security is the practice of protecting the software applications from

malicious attacks, unauthorized access, data breaches, and other threats. It involves applying

security principles and techniques throughout the software development lifecycle, such as secure

coding, code analysis, code review, security testing, and security monitoring. Application security

helps to ensure that the software meets the security requirements and standards, and that it does

not introduce any vulnerabilities or risks to the system or the users910

Penetration testing is the practice of simulating real-world attacks on the software applications to

identify and exploit any security weaknesses or flaws. It involves using various tools and methods to

probe, scan, attack, and bypass the security defenses of the software, such as firewalls, encryption,

authentication, and authorization. Penetration testing helps to evaluate the security posture and

resilience of the software, and to provide recommendations for improvement or

remediation. Penetration testing is usually performed by external or independent experts, who have

the permission and authorization to conduct the tests