To get you started, we’ve provided Official Uleska toolkits containing our favourite tried-and-tested Open Source AppSec tools. Right now, we have two Official toolkits for use - one for Code which statically analyses source code, Dockerfiles, and infrastructure-as-code configuration files, and another for Web testing which, given a URL, will poke, prod, and exercise your running application to find any vulnerabilities.
These Official toolkits will quickly and easily get you to a list of vulnerabilities found in your application, and you can start classifying and triaging right away without having to bother with any tool config, or any tool orchestration.
Our Official toolkits will give you a headstart in your AppSec programme, getting you running within minutes. If you want to customise these toolkits, or expand them beyond our default setup, you’re in luck, because in addition to our toolkits, you can create your own Custom Toolkits.
If you have specific tools you’d like to use (for example, our proprietary tools like Veracode or Snyk), or if you want a toolkit to match the different stages in your software development cycle, you can create as many Custom Toolkits as you’d like. They take moments to put together, and you can iterate and improve them over time, adding or removing tools as time (or budget) allows.
Start by understanding How to Test Applications with Toolkits, move onto digging into our Official Toolkits, and finally you can Create a Custom Toolkit to really take control of your Applications' testing routine.
Take the reins and create a Custom Toolkit unique to you and your code