ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0

Support DAST tools like ZAP #581

Open psiinon opened 3 years ago

psiinon commented 3 years ago

Is your feature request related to a problem? Please describe.
Score Card already reports certain SAST tools in use; reporting DAST tools would seem to be a good enhancement.

Describe the solution you'd like
Report detected DAST tools in a similar way to SAST ones :)

Describe alternatives you've considered
N/A

Additional context
The ZAP GitHub actions are the easiest way to detect if ZAP is being used right now: https://github.com/marketplace?type=&verification=&query=owasp+zap+
Some other DAST actions that could be detected: https://github.com/marketplace?query=dast+
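The detection idea in the request above, sketched as an added example that is not part of the issue and is not Scorecard's own code: scan a workflow file's `uses:` steps for ZAP actions. The action names in `zapActions`, the function name `detectZAP` and the sample workflow are assumptions of this example; the issue itself only links to marketplace searches.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// ZAP actions under the zaproxy organisation (names assumed, not from the issue).
var zapActions = []string{"zaproxy/action-baseline", "zaproxy/action-full-scan", "zaproxy/action-api-scan"}
// Constructed sample workflow; the v0.0.0 tags are placeholders.
const sample = `on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # - uses: zaproxy/action-full-scan@v0.0.0
      - name: ZAP baseline
        uses: "zaproxy/action-baseline@v0.0.0" # placeholder tag
`

// detectZAP lists ZAP action references in live (uncommented) `uses:` steps; a line scan, not a YAML parser.
func detectZAP(workflow string) []string {
	var found []string
	sc := bufio.NewScanner(strings.NewReader(workflow))
	for sc.Scan() {
		line := strings.TrimSpace(strings.TrimPrefix(strings.TrimSpace(sc.Text()), "-"))
		if !strings.HasPrefix(line, "uses:") {
			continue
		}
		ref := strings.TrimSpace(strings.TrimPrefix(line, "uses:"))
		if i := strings.Index(ref, " #"); i >= 0 {
			ref = ref[:i] // drop a trailing comment such as "# v1.2.3"
		}
		ref = strings.Trim(strings.TrimSpace(ref), `"'`)
		name, _, _ := strings.Cut(ref, "@") // action name without its version or SHA
		for _, a := range zapActions {
			if strings.EqualFold(name, a) {
				found = append(found, ref)
			}
		}
	}
	return found
}

func main() {
	fmt.Println(detectZAP(sample))
}
```

A hit only shows that a workflow references a ZAP action; it does not show that the scan runs on every change or that its findings are acted on.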

laurentsimon commented 3 years ago

Thanks for the suggestion.

github-actions[bot] commented 10 months ago

This issue is stale because it has been open for 60 days with no activity.