OtherDevOpsGene / zap-sonar-pluginLinks
Integrates OWASP Zed Attack Proxy reports into SonarQube
☆72Updated 3 months ago
Alternatives and similar repositories for zap-sonar-plugin
Users that are interested in zap-sonar-plugin are comparing it to the libraries listed below
Sorting:
- OWASP SonarQube Project☆110Updated 6 years ago
- Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).☆138Updated 3 weeks ago
- The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.☆60Updated last year
- Container Security Verification Standard☆58Updated 6 years ago
- A simple Java command-line utility to mirror the CVE JSON data from NIST.☆210Updated 2 years ago
- Checkmarx Scan and Result Orchestration☆99Updated 2 weeks ago
- Ready to use images of Zap and Glue, especially for CI integration.☆35Updated 6 years ago
- Zap baseline scanner in Docker with authentication☆103Updated last year
- Integrates Dependency-Check reports into SonarQube☆669Updated last week
- Demo - how to easily build security testing for Web App, using Zap and Glue☆60Updated 4 years ago
- Fortify SonarQube Plugin☆22Updated 4 years ago
- Integrates Xanitizer results into SonarQube☆21Updated 4 years ago
- A simple tool for interacting with OWASP ZAP from the commandline.☆248Updated 2 years ago
- BDD Automated Security Tests for Web Applications☆567Updated 2 years ago
- A simple Java command-line utility to mirror the entire contents of VulnDB.☆48Updated 3 months ago
- Code Pulse is a real-time code coverage tool for penetration testing activities☆122Updated 2 years ago
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆195Updated 7 years ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆149Updated 5 years ago
- Deprecated; please use fcli instead☆27Updated 2 months ago
- Jenkins Plugin from Contrast Security☆13Updated last year
- A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…☆152Updated last week
- ZAP Management Scripts☆23Updated 3 weeks ago
- Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project…☆110Updated last year
- AppSecPipeline Specification for DevOps automation.☆40Updated 2 years ago
- DevSecOps Toolchain☆112Updated 7 years ago
- Scanning and analysis for Black Duck SCA products.☆185Updated this week
- Software Component Verification Standard (SCVS)☆150Updated 6 months ago
- ☆21Updated 3 years ago
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …☆43Updated 2 weeks ago
- SEDATED® Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure)☆110Updated 8 months ago