Example security workflow that runs SAST, SCA, DAST, secrets scanning and IaC scanning via GitHub Actions using open source tools.
Updated Jan 29, 2024 - Python
blackduckcopilot
Scanner-One is a freely usable Static Application Security Testing (SAST) scanner for all source code languages. Currently functional for Cpp, Java, Javascript, PHP and Python.
Scanner for cryptographic gems & their reverse dependencies in Ruby applications
DevSecOps Framework - Python application
Quick script to scan through a PHP project and flag up functions that are of interest when looking for security vulnerabilities. Aids manual code review.
A script to automate SAST analysis of your decompiled APKs with Checkmarx, and a Dockerfile if you ever need it.
Combined use of SAST, DAST and SCA tools to improve the efficiency of detecting and fixing vulnerabilities in software modules ─=≡Σ((( つ><)つ📊📊📊
Python library for code analysis with CPG and Joern
An implementation of infrastructure-as-code scanning using dynamic tooling.
Java Ecommerce Application with microservices Architecture
GitHub Action for detecting sensitive data issues.
SAST Scanner Modified - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!