What is Bandit?
Bandit is a popular open-source security scanning tool for the Python language. Bandit is good for finding common coding errors.
| | |
|---|---|
| Security Stage | SAST (Static code analysis) |
| 1 | You'll need a Git address to scan |
How do I set it up?
Adding Bandit to your set of security tests is simple.
Now, any time you click 'Test Now' for that application stage of testing, or request that stage over the Uleska API or CLI, Bandit will be included in the test run and its results added to your vulnerabilities list.
Currently, the Bandit adaptor runs Bandit's default set of tests, recursing through the files in the codeline. Configuration of profiles, test IDs, and levels is not yet supported, but will be included in a future release.
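As an added local illustration (not the Uleska adaptor's own code), the script below runs the same default, recursive Bandit scan the page describes and flattens the JSON report into a triage list; it assumes the `bandit` CLI is on PATH and falls back to a constructed sample report so it also runs offline.

```python
import json
import shutil
import subprocess
from collections import Counter


def run_bandit(path):
    """Run Bandit's default test set recursively (as the adaptor does) and
    return the parsed JSON report, or None when bandit is not installed."""
    if shutil.which("bandit") is None:
        return None
    proc = subprocess.run(
        ["bandit", "-r", path, "-f", "json", "-q"],
        capture_output=True, text=True,
        check=False,  # bandit exits 1 whenever it reports issues
    )
    return json.loads(proc.stdout)


def normalise(report):
    """Flatten Bandit's JSON 'results' into one record per finding."""
    return [
        {
            "test_id": r["test_id"],
            "severity": r["issue_severity"],
            "confidence": r["issue_confidence"],
            "location": f'{r["filename"]}:{r["line_number"]}',
            "text": r["issue_text"],
        }
        for r in report.get("results", [])
    ]


def triage(findings, min_severity="MEDIUM"):
    """Keep findings at or above min_severity; also count all by severity."""
    order = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}
    kept = [f for f in findings if order[f["severity"]] >= order[min_severity]]
    return kept, Counter(f["severity"] for f in findings)


# Constructed sample in Bandit's JSON layout (issue texts abbreviated).
SAMPLE_REPORT = {"results": [
    {"filename": "app/db.py", "line_number": 12, "test_id": "B608",
     "issue_severity": "MEDIUM", "issue_confidence": "LOW",
     "issue_text": "Possible SQL injection via string-based query construction."},
    {"filename": "app/util.py", "line_number": 40, "test_id": "B101",
     "issue_severity": "LOW", "issue_confidence": "HIGH",
     "issue_text": "Use of assert detected."},
]}

if __name__ == "__main__":
    kept, counts = triage(normalise(run_bandit(".") or SAMPLE_REPORT))
    print(dict(counts), *(f'{k["test_id"]} {k["location"]}' for k in kept), sep="\n")
```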