Snyk SCA
Snyk is a platform for testing software code. The Uleska Snyk tool supports vulnerability checking using Snyk's platform and their repository of...
Posts about
Integrated Tool Configuration
JFrog Xray
JFrog XRay is a container scanning component that runs alongside the JFrog Artifactory platform. When containers are submitted to the Artifactory,...
Sonatype OSS Index
What is SOI? SOI stands for 'Sonatype OSS Index' and is a tool developed by Uleska to perform software composition analysis against a code repo to...
OWASP Dependency Tracker
What is OWASP Dependency Track? Dependency Track is an open-source software composition analysis tool from an OWASP project. It is good for...
Clair
What is Clair? Clair is a popular open source security tool for parsing container image contents and reporting vulnerabilities affecting the...
SonarQube Scanner
What is SonarQube Scanner? SonarQube is a very popular static analysis tool that scans code for quality and security issues. SonarQube has...
NPMAudit
What is NPM Audit? The 'audit' command of the 'npm' tool is a built-in security feature to Node Package Manager. It checks the current version of the...
NodeJSScan
What is nodejsscan? NodeJsScan is an open source static code scanner used to find security flaws specifically in Node.js applications. It is powered...
Veracode
What is Veracode? Veracode is a commercial provider of software security testing tools, based in the cloud, that includes static code analysis,...
SSLYze
What is SSLYze? SSlyze is a great open source tool for checking a website or servers SSL/TLS certificates. It checks the SSL/TLS configuration of a...