Security Champion: Tools Reference List
This is an inexhaustive security scanning list, intended to be only used a reference.
| Check | Tools |
|---|---|
| Secret Scanning (Local) | Talisman |
| Secret Scanning (Remote) | GitHub Secret Scanning |
| SAST | SonarQube |
| SCA | Dependency Check |
| Container Security | Trivy, OPA Conftest |
| Kubernetes Security | Trivy, OPA Conftest, Kubesec, kube-bench |
| DAST | OWASP ZAP |