Git Clone
Source component that clones a repository for scanning
Trufflehog
Producer component that scans for secrets in repositories.
Python Bandit
Producer component - SAST scanner that analyses Python source code to look for security issues.
Python PIP Safety
Producer component that scans dependencies for Python projects.
CDXGEN
Producer component that generates a CycloneDX SBOM from source code.
Semgrep
Producer component that analyses source code with Semgrep to look for security issues.
Snyk Node
Producer component that runs Snyk for JavaScript, TypeScript and Node.
Snyk Python
Producer component that runs Snyk for Python.
Snyk Docker
Producer component that scans Docker containers with Snyk.
OSSF Scorecard
Producer component that generates scorecards for projects to show how they adhere to best practices.
Deduplication Enricher
Enricher component that compares multiple inputs and removes duplicates.
Custom Annotations Enricher
Enricher component that adds a set of custom annotations to all issues that pass through it.
Jira
Consumer component that pushes findings to a Jira instance.
ElasticSearch
Consumer component that pushes findings to an ElasticSearch database.
Slack
Consumer component that pushes findings to a Slack channel.
Stdout JSON
Consumer component that prints findings to stdout in JSON format.
PDF document
Consumer component that prints findings into a PDF document.
Defect Dojo
Consumer component that pushes findings to a DefectDojo vulnerability management instance.