-
When handling vulnerabilities of production systems, it would be nice to also have the port scan data in the same place as found vulnerabilities. Would you consider adding a nmap parser to Threadfix? …
-
* ~~Talisman on commit (SAST) Done~~
* ~~Talisman on pipeline (SAST)~~
* ~~OWASP dependency checker on pipeline (SCA)~~
* OWASP ZAP (DAST)
-
Build 'CryptoWeb' is failing!
Last 50 lines of build output:
```
[...truncated 133 lines...]
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e …
```
-
As a customer
I want my data to be safe and secure.
So that it cannot be stolen.
-
It would be nice to have some sort of security scanning functionality in CI to try to catch any security problems.
## SCA / Dependency scanning
- Snyk? (sketchy PNPM support?)
- [OWASP Dependen…
-
As tools it is noted, many tools may contribute data to the "final" published SBOM. Currently, there is no means to associate "evidence" (including other concluded data such as from "license" determi…
-
The idea is to build an environment that supports build, test and deployment of cloud-native, serverless and containerized applications.
-
[!] Total execution time : 2.497s …
-
```
What steps will reproduce the problem?
1. Using OpenBox and oblogout script
2. Oblogout doesn't use pm-suspend. It uses freedesktop.org UPower
3. Suspend the computer, when revived, the monitor st…
```
-
Hi, team! Thanks for the great project. I think it would be useful to add more information about different tools that can be used to test an application and detect security issues. For example, Arachn…