A common scenario when integrating security in development activities, such as SAST scans covered in my previous blog post, is to create a reusable template that can be referenced from pipelines.
If you are new to templates I suggest you take a look at this article from Microsoft before reading further.
In this blog post we will explore how to create a basic reusable Azure DevOps template to automate code analysis, using a popular SAST tool from Veracode. You would ideally want all development teams to have a way to enable SAST scans with minimum configuration, so that they focus their efforts on remediation instead of configuring tooling in their pipelines. That is where Azure DevOps pipelines come in handy, as they cover the reusability part and thus making it a bit easier for developers.