A team is currently building and deploying an application using Azure services. It includes the DevOps service. You have to use the right security tool during the following phase of the development lifecycle. After a pull request
During the continuous integration phase
During the continuous delivery phase
Which of the following would you use for the pull request phase?

Answer options:

A.Penetration Testing
B.Static Code Analysis
C.Threat Modeling
D.Load Testing

Answer – B 
During the coding phase, it is always preferential to use static code analysis tools. The Microsoft documentation mentions the following. 

Option A is incorrect since this should be used during the deployment phase. 
Option C is incorrect since this tool should be used during the design phase. 
For more information on security during the DevOps lifecycle, please visit the below URL- 

https://docs.microsoft.com/en-us/azure/devops/migrate/security-validation-cicd-pipeline?view=azure-devops