Short Description
Run various OWASP (and other) security tools and collect consolidated output.
Full Description

Glue is a Ruby program that takes different kinds of security tools, runs them, consolidates the output, and then pushes it to various formats (CSV, JIRA, text). It is intended to make it easier to inject security analysis into whichever part of your build and deploy pipeline you want.

A common use case might be: run Glue in its Docker image from Jenkins nightly and push the output of applicable tools to JIRA as issues in a project for review.

It currently runs:

  • Brakeman
  • Bundler Audit
  • OWASP Dependency Check
  • Retire.js
  • ESLint

It also has experimental support for:

  • ZAP (via API)
  • PMD
  • FindSecurityBugs
  • Checkmarx