Posts about
Integrated Tool Configuration
Integrate Whispers secrets detection into CI/CD
What is whispers? Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and...
Integrate Snyk into CI/CD
Snyk is a platform for testing software code. The Uleska Snyk tool supports vulnerability checking using Snyk's platform and their repository of...
JFrog Xray
JFrog XRay is a container scanning component that runs alongside the JFrog Artifactory platform. When containers are submitted to the Artifactory,...
Integrate Sonatype OSS Index in CI/CD
What is SOI? SOI stands for 'Sonatype OSS Index' and is a tool developed by Uleska to perform software composition analysis against a code repo to...
Integrate OWASP Dependency Track into CI/CD
What is OWASP Dependency Track? Dependency Track is an open-source software composition analysis tool from an OWASP project. It is good for...
Integrate SonarQube Scanner into CI/CD
What is SonarQube Scanner? SonarQube is a very popular static analysis tool that scans code for quality and security issues. SonarQube has...
Integrate NPM Audit into CI/CD
What is NPM Audit? The 'audit' command of the 'npm' tool is a built-in security feature to Node Package Manager. It checks the current version of the...