Security Tools
The following security tools are implemented by Jit workflows to detect potential security vulnerabilities:
Security Tool | Layer | Objective | Supports | Documentation |
---|---|---|---|---|
Bandit | Code | Code scanning (SAST) | Python | repo |
Gosec | Code | Code scanning (SAST) | Golang | repo |
Semgrep | Code | Code scanning (SAST) | JavaScript, TypeScript, Java, Scala | repo |
Gitleaks | Code | Secret detection | Textual file types | repo |
Nancy | Code | Dependency check (SCA) | Golang | repo |
OSV-Scanner | Code | Dependency check (SCA) | Python, PHP | repo |
npm-audit | Code | Dependency check (SCA) | JavaScript, TypeScript | docs |
KICS | Infrastructure | Infrastructure-as-code scanning | Terraform, Serverless, Pulumi, CloudFormation, AWS CDK | repo |
Trivy | Infrastructure | Container scanning | Docker files | repo |
ZAP | Runtime | Dynamic scanning | APIs, Web applications | repo |
Prowler | Infrastructure | Runtime scanning | AWS | repo |
mfa-github-checker | 3rd party app | GitHub 2FA checker | Jit tool | |
mfa-aws-checker | 3rd party app | AWS 2FA checker | Jit tool | |
bp-github-checker | 3rd party app | Branch Protection checker | Jit tool | |