Choosing Appropriate Scanners for Repository Security
BoostSecurity offers a comprehensive suite of robust scanners. These scanners are designed to effectively detect and resolve potential security risks, providing you with a thorough and reliable security solution. You have the flexibility to choose from a wide range of scanners. Each scanner is designed to cater to specific needs, making it easier for you to decide which ones are most appropriate for your particular repository.
That's why BoostSecurity provides a range of tools tailored to different programming languages, enabling you to pinpoint potential vulnerabilities in your repository with ease. The available scanners are:

Scanner | Security Requirement | Supports |
---|---|---|
BoostNative | SAST | Go, Java, JavaScript, Python, Ruby, Terraform, TypeScript |
Brakeman | SAST | Ruby |
Bundler Audit | SCA | Ruby |
Checkov | SAST | Ansible, CloudFormation, Kubernetes, Serverless, Terraform |
CodeQL | SAST | Go, Java, JavaScript, Python, Ruby, TSX, TypeScript |
Gitleaks | SAST | CloudFormation, Docker, Go, Java, JavaScript, Kotlin, Kubernetes, PHP, Python, Ruby, Rust, Scala, Serverless, Terraform, TSX, TypeScript |
GoSec | SAST | Go |
Nancy | SCA | Go |
NPM Audit | SCA | JavaScript, TypeScript |
OSV Scanner | SCA | Go, JavaScript, Python, Ruby, TypeScript |
Safety | SCA | Python |
Semgrep | SAST | C, Docker, Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Rust, Scala, Terraform, TSX, TypeScript |
Snyk | SCA | Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Scala |
Trivy | SCA, SBOM | Docker, Go, Java, JavaScript, .NET, Python, Ruby, TypeScript |