Posts about Tools

Integrate Checkov into CI/CD

Integrate FlawFinder into CI/CD

Integrate SEMGREP into CI/CD

Integrate Whispers secrets detection into CI/CD

  What is whispers? Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and...

Integrate OWASP ZAP into CI/CD

What is OWASP ZAP? OWASP ZAP (Zed Attack Proxy) is a flagship security proxy and web application scanner from OWASP, and is the world's most widely...

Integrate SonarQube Server into CI/CD

  What is SonarQube Server? SonarQube is a very popular static analysis tool that scans code for quality and security issues. SonarQube has community...

Integrate Sonatype OSS Index in CI/CD

  What is SOI? SOI stands for 'Sonatype OSS Index' and is a tool developed by Uleska to perform software composition analysis against a code repo to...

Integrate OWASP Dependency Track into CI/CD

What is OWASP Dependency Track? Dependency Track is an open-source software composition analysis tool from an OWASP project.  It is good for...

Clair

What is Clair? Clair is a popular open source security tool for parsing container image contents and reporting vulnerabilities affecting the...

Integrate SonarQube Scanner into CI/CD

  What is SonarQube Scanner? SonarQube is a very popular static analysis tool that scans code for quality and security issues. SonarQube has...
