Example security workflow that runs SAST, SCA, DAST, secrets scanning and IaC scanning via GitHub Actions using open source tools.
Updated Jan 29, 2024 - Python
blackduckcopilot
Scanner-One is a freely usable Static Application Security Testing (SAST) scanner for all source code languages. Currently functional for Cpp, Java, Javascript, PHP and Python.
Scanner for cryptographic gems & their reverse dependencies in Ruby applications
DevSecOps Framework - Python application
An implementation of infrastructure-as-code scanning using dynamic tooling.
Java Ecommerce Application with microservices Architecture
GitHub Action for detecting sensitive data issues.
SAST Scanner Modified - Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDEs such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potential issues.
Quick script to scan through a PHP project and flag up functions that are of interest when looking for security vulnerabilities. Aids manual code review.
A script to automate SAST analysis of your decompiled APKs with Checkmarx, and a Dockerfile if you ever need it.
Combined use of SAST, DAST and SCA tools to improve the effectiveness of detecting and remediating vulnerabilities in software modules ─=≡Σ((( つ><)つ📊📊📊