Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ivanmar
Employee Alumnus
Employee Alumnus

How to setup Shiftleft

 

In this post, we are going to show how to download and install Shiftleft. Shiftleft is a CLI-based tool that helps developers include security checks as part of their application development process. Shiftleft includes three different modules (also called 'blades')

  • code-scan: Using as input a directory that contains a Git repository, Shiftleft will scan it for vulnerabilities, weak coding practices, sensitive content, and malicious files among other categories
  • image-scan: Using as input a  container image, compressed into a file, this blade will apply all the capabilities already provided by code-scan and will add on top of that the scanning of OS-level packages included in the container image.
  • iac-assessment: In combination with CloudGuard, Infrastructure as code assessment allows users to apply policies to their Terraform projects. The mechanism to define those rules is by making use of CloudGuard Governance Specification Language (GSL). A high-level, human-friendly language.  
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.