Security Tools

The following security tools are implemented by Jit workflows to detect potential security vulnerabilities:

Security ToolLayerObjectiveDocumentation
BanditCodeCode scanningrepo
GosecCodeCode Scanningrepo
SemgrepCodeCode scanningrepo
GitleaksCodeSecret detectionrepo
NancyCodeDependency checkrepo
OWASP-dependency-checkCodeDependency checkrepo
npm-auditCodeDependency checkdocs
KICSInfrastructureInfrastructure-as-code scanningrepo
TrivyInfrastructureContainer scanningrepo
ZAPRuntimeDynamic scanningrepo
AirIAMLeast privilegeLeast privileged IAM rolesrepo
ProwlerInfrastructureRuntime scanningrepo
mfa-github-checker3rd party appGitHub 2FA checkerJit tool
mfa-aws-checker3rd party appAWS 2FA checkerJit tool
bp-github-checker3rd party appBranch Protection checkerJit tool