Skip to content

Latest commit

 

History

History
150 lines (136 loc) · 5.41 KB

README.md

File metadata and controls

150 lines (136 loc) · 5.41 KB

Documentation | Tutorial

Clouddefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting and other exploitable vulnerabilities.

What is CloudDefense.AI?

Introduction

Data is the ultimate motivator for hackers. Hackers are constantly looking for ways to exploit application vulnerabilities and gain access to sensitive data. The average enterprise company deals with hundreds of applications and this volume, understandably, creates a nightmarish situation for SecOps personnel to constantly certify, pen-test, and validate the security posture of each application. While the SecOps team is hard at work doing all that, developers become frustrated with the bottleneck. This is where CloudDefense helps. CloudDefense introduces a breakthrough platform for assessing the risk posture for the entire application stack and enables a more agile DevSecOps philosophy, which will help security move at the same pace as development.

Table of Content

Products

  • SAST
  • DAST
  • SCA
  • API Scanning
  • Containers

Language

                       

Installation

Mac

curl https://raw.githubusercontent.com/CloudDefenseAI/cd/master/release-1.38.6/cd-latest-mac-x64.tar.gz > /tmp/cd-latest-mac-x64.tar.gz && tar -C /usr/local/bin -xzf /tmp/cd-latest-mac-x64.tar.gz && chmod +x /usr/local/bin/cdefense

Windows

https://github.com/CloudDefenseAI/cd/raw/master/release-1.38.6/cd-latest-windows.exe.tar.gz

Linux

sudo curl https://raw.githubusercontent.com/CloudDefenseAI/cd/master/release-1.38.6/cd-latest-linux-x64.tar.gz > /tmp/cd-latest-linux-x64.tar.gz && tar -C /usr/local/bin -xzf /tmp/cd-latest-linux-x64.tar.gz && chmod +x /usr/local/bin/cdefense

Integrations

  1. Jenkins
  2. GoCD
  3. Gitlab
  4. Bitbucket
  5. CircleCI
  6. Teamcity
  7. Travis CI
  8. Azure DevOps

Usage

DotNet

cdefense sca --lang=dot_net --api-key=<YOUR_KEY> --project-name="example_project" 

GO

cdefense sca --lang=go --api-key=<YOUR_KEY> --project-name="example_project" 

Java

cdefense sca --lang=java --api-key=<YOUR_KEY> --project-name="example_project" 

Kotlin

cdefense sca --lang=kotlin --api-key=<YOUR_KEY> --project-name="example_project" 

Node

cdefense sca --lang=node --api-key=<YOUR_KEY> --project-name="example_project" 

Objective C

cdefense sca --lang=objective_c --api-key=<YOUR_KEY> --project-name="example_project" 

Php

cdefense sca --lang=php --api-key=<YOUR_KEY> --project-name="example_project" 

Python

cdefense sca --lang=python --api-key=<YOUR_KEY> --project-name="example_project" 

Rust

cdefense sca --lang=rust --api-key=<YOUR_KEY> --project-name="example_project" 

Swift

cdefense sca --lang=swift --api-key=<YOUR_KEY> --project-name="example_project"