Search Results for "code scan"

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. ...

...WeChat robot, using WeChat to complete the customized development of some functions. Modules are easy to use and easy to expand. Support customized development, such as logging, and automatic reply. Breakthrough login restrictions. No need to scan the QR code repeatedly to log in. Support multiple WeChat accounts to log in at the same time. Message reply, send text, pictures, files, emoji and other messages to designated objects (friends, groups) Hot login (no need to repeatedly scan the code to log in), custom message processing, file download, message anti-withdrawal. Obtain object information, set friend notes, pull friends into groups, etc.

...If you're using GitHub Actions, you can simply use our Grype-based action to run vulnerability scans on your code or container images during your CI workflows.

Gitleaks is a fast, lightweight, portable, and open-source secret scanner for git repositories, files, and directories. With over 6.8 million docker downloads, 11.2k GitHub stars, 1.7 million GitHub Downloads, thousands of weekly clones, and over 400k homebrew installs, gitleaks is the most trusted secret scanner among security professionals, enterprises, and developers. Gitleaks-Action is our official GitHub Action. You can use it to automatically run a gitleaks scan on all your team's pull...

...You can install dockle with the asdf version manager with this plugin, which automates the process of installing (and switching between) various versions of github release binaries. With asdf already installed, run commands to install dockle. You can scan your built image with Dockle in Travis CI/CircleCI. Though, you can ignore the specified target checkpoints by using .dockleignore file. Or, if you just want the results to display and not let the test fail for this, specify --exit-code to 0 in dockle command.

Coca is a toolbox that is design for legacy system refactoring and analysis, including call graph, concept analysis, api tree, and design patterns suggestions. Requirements: graphviz for dot file to image (such as svg, png). The easiest way to get coca is to use one of the pre-built release binaries which are available for OSX, Linux, and Windows on the release page.

Prevent Kubernetes misconfigurations from reaching production (again)! The CLI integration provides a policy enforcement solution to run automatic checks for rule violations. Datree is a CLI tool that supports Kubernetes admins in their roles by preventing developers from making errors in Kubernetes configurations that can cause clusters to fail in production. Our CLI tool is open source, enabling it to be supported by the Kubernetes community. It’s far more effective than manual processes,...