The Jenkins security team created a custom code scanner based on GitHub's CodeQL. It is capable of finding vulnerabilities common in Jenkins plugins. This page ...
Missing: example | Show results with:example
Mar 2, 2020 · SpotBugs has long been used in Jenkins to catch bugs and improve code quality. Findsecbugs adds valuable security-related bug definitions. As we ...
Feb 25, 2024 · Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.
Missing: /search | Show results with:/search
Mar 25, 2024 · Add the ability to scan your dependencies and get an insight on the vulnerabilities, compliance, maintainability, popularity and more.
The Silence of the Lambs: Inspecting binaries with Jenkins
www.jenkins.io › blog › 2018/11/12 › in...
Nov 12, 2018 · Summary. This closes our quick walkthrough of how to inject security related quality gates into a Jenkins based delivery pipeline. We've ...
Nov 28, 2023 · This is the official Jenkins plugin for Fortify Static Code Analyzer (SCA) and Fortify Software Security Center (SSC).
Missing: maven web
Feb 29, 2024 · Veracode addresses common Application Security challenges with a unique combination of automated application analysis in the pipeline, plus ...
Missing: /search web example
This page lists all security advisories that have been published so far. This index is also available as an RSS feed. 2024. Jenkins Security Advisory 2024-04 ...
Missing: example | Show results with:example
7 days ago · The SOOS SCA Plugin will locate and analyze any supported manifest files under the specified directory. To use SOOS SCA Plugin you need to:.
The Maven project object model ("POM") defines a parent project object model that provides default settings. An update of the parent POM will allow this ...