Posts about

Integrated Tool Configuration

Integrate Checkov into CI/CD

Find out more

Integrate FlawFinder into CI/CD

Find out more

Integrate SEMGREP into CI/CD

Find out more

Integrate Whispers secrets detection into CI/CD

  What is whispers? Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and...

Find out more

Integrate Snyk into CI/CD

Snyk is a platform for testing software code. The Uleska Snyk tool supports vulnerability checking using Snyk's platform and their repository of...

Find out more

JFrog Xray

JFrog XRay is a container scanning component that runs alongside the JFrog Artifactory platform. When containers are submitted to the Artifactory,...

Find out more

Integrate Sonatype OSS Index in CI/CD

  What is SOI? SOI stands for 'Sonatype OSS Index' and is a tool developed by Uleska to perform software composition analysis against a code repo to...

Find out more

Integrate OWASP Dependency Track into CI/CD

What is OWASP Dependency Track? Dependency Track is an open-source software composition analysis tool from an OWASP project.  It is good for...

Find out more

Integrate SonarQube Scanner into CI/CD

  What is SonarQube Scanner? SonarQube is a very popular static analysis tool that scans code for quality and security issues. SonarQube has...

Find out more

Integrate NPM Audit into CI/CD

What is NPM Audit? The 'audit' command of the 'npm' tool is a built-in security feature to Node Package Manager. It checks the current version of the...

Find out more
1 2