Orca Security has announced a new integration that will enable it to scan Bitbucket repositories for misconfigurations, exposed secrets, and vulnerabilities.
According to Orca Security, code scanning is an important element of any security program, and when developers utilize public code repositories, they typically have to manually embed CLI security tools into each repository and CI/CD pipeline. This can add development overhead, create friction between security and development teams, and it may be difficult to consistently cover all repositories.
With the Orca Bitbucket App, security scans are automatically conducted whenever a branch is merged. These scans will provide contextual alerts and insights on how to remediate security issues.
It also scans every pull request to detect newly introduced issues and prevent questionable code from being merged into the larger codebase until issues are resolved.
“By eliminating manual security configuration and embedding security directly into development workflows, the Orca Bitbucket App delivers smarter, faster, and more effective application security,” the company wrote in a blog post.
Orca Bitbucket App can also periodically scan inactive repositories to ensure that newly discovered vulnerabilities aren’t going unnoticed.
The app features a Code Security dashboard that provides visibility into all Bitbucket repositories and their security findings.
The integration with Bitbucket follows similar integrations Orca Security already has with GitHub, GitLab, and Azure DevOps.
The post Orca Security announces new solution for scanning Bitbucket repositories for security issues appeared first on SD Times.
Source: Read MoreÂ