Top 5 Free Security Tools Developers Will Love in 2022 π₯π₯π₯
One of the key ways to get developers to jump wholeheartedly onto the application security (appsec) bandwagon is to stop making it so darned difficult for them to shoehorn security processes into their daily workflows.
A big ingredient to DevSecOps success is an organization's ability to implement security tools that developers don't hate.
Here are some promising possibilities:
Contrast CodeSec - Free Application Security tool for developers using CLI, and GitHub (Scan's source code, open-source libraries, and Serverless environment's)- https://www.contrastsecurity.com/developer/codesec/
GitHub CodeQL - Free source code scanner for GitHub only - https://codeql.github.com/
Snyk - Free Application Security tool for developers using CLI, and GitHub (Scans source code, open open-source libraries) - https://snyk.io/
Mend (WhiteSource) - Free open-source library scanner only for CLI and GitHub - https://www.mend.io/free-developer-tools/
AppScan CodeSweep - Free source-code scanner only JetBrains, VsCode, GitHub - https://www.hcltechsw.com/appscan/codesweep
All π― FREE.
Top comments (2)
What's missing? Let me know!
I use both CodeQL and Snyk. Both are very good. I also use Sonatype Lift, which is my favorite tool for static analysis.