Getting Started
Go to https://scantist.io and sign in with any of your preferred version control services like Github, Gitlab, or Bitbucket.
Once in, click on the Projects tab, followed by Manage Projects.
You should now see a list of your repositories on the page. Click on the small green ‘plus’ icon next to the repository name to add it as a project and trigger a scan.
In a few short seconds, you should see your results. If you have vulnerabilities, click on the number to view the detailed results.
Bonus: Click on the project name, and under Scan Settings enable event-driven scan to trigger a scan every time a new Pull Request or Merge Request is created.
And there you have it. You are now covering 60-90% of your application’s total code-base against over 100,000+ known vulnerabilities affecting open-source and third-party components that are most often used to target applications. That wasn’t as hard as you thought, was it?
Next Steps
Now that you have taken the first step to DevSecOps, there are a few additional steps you can take to further improve your application security posture.
Carnegie Mellon University researcher Thomas Scanlon
Github has a few security controls that are readily available to use
open-source application security tools at OWASP
We know most organisations have only just made the exhausting transition to DevOps - or are actually still undergoing that transition. And adding another set of integrations - especially for security in a complex risk landscape - can seem daunting at first. We hope this blog helps make things a little easier and gives you that little push we all need to get started!
Related Blogs
Find out how we’ve helped organisations like you
Cybersecurity Innovation Day 2024 – Scantist’s Innovation of Supply Chain Security with AI Technology
Scantist commemorated the Cybersecurity Innovation Day 2024 on Monday, as one of the Singapore’s most vibrant cybersecurity community event held with regard to Cyber Security Organized by the Cyber Security Agency of Singapore (CSA) and the CyberSG TIG Collaboration Centre.
🌟 Celebrating the Success of NTU Cyber Security Day 2024! 🌟
We are excited to celebrate the successful completion of the 2024 NTU Cyber Security Day!
The Urgent Need for Vigilance in the Software Supply Chain
In an era where digital infrastructure underpins nearly every aspect of our lives, from banking, automotive to healthcare, the integrity of our software supply chain has never been more critical. Recent data from cybersecurity experts paints a stark picture: software supply chain attacks are occurring at an alarming rate of one every two days in 2024. This surge in attacks, targeting U.S. companies and IT providers most frequently, poses a severe threat to national security and economic stability.