Announcing ShiftLeft Scan — An integrated scanner for modern DevOps

Prabhu Subramanian
Published in ShiftLeft Blog, Apr 16, 2020

It gives us great pleasure to announce Scan — a free and open-source security product from the ShiftLeft Incubator. Scan is built specifically for the needs of modern DevOps teams and requires no training or user manuals to get started or to integrate into your DevOps pipelines. And best of all — it supports all major CI/CD systems and public cloud vendors from the get-go.

We wanted to get this product into the hands of every single team, big or small, with no barriers to using and improving it. Scan is free and open-source!

What is Scan?

ShiftLeft Scan is a free and open-source code analysis tool for modern DevOps teams. With an integrated multi-scanner design, Scan can detect various kinds of security flaws in applications and infrastructure code in a single fast scan. It performs the following kinds of checks:

  • Credentials Scanning to detect accidental secret leaks
  • Static Application Security Testing (SAST) for a range of languages and frameworks
  • Open-source dependencies audit
  • License violation checks

[Figure: ShiftLeft Scan: Integrated reports on Azure Pipelines]

The product supports a range of integration options: from scanning code in your IDE to scanning every build and pull request in your CI/CD pipelines.

[Figure: ShiftLeft Scan: GitHub action]

Languages supported

  • Salesforce Apex
  • bash
  • Go
  • Java
  • JSP
  • Node.js
  • Oracle PL/SQL
  • Python
  • Rust (dependency and license scans only)
  • Terraform
  • Salesforce Visual Force
  • Apache Velocity

[Figure: Scan on Azure DevOps Marketplace]

How to get started?

If you are a developer or a security professional looking to understand the product in detail, start with our documentation pages or the extensions for Visual Studio Code, Azure DevOps Marketplace, and GitHub.

Contact us if you would like to discuss your DevSecOps workflow needs.
