Abstract: Examples provide a single-command menu option for initiating security scanning of source code without user interaction with the security scan component performing the security scan. The single-command menu option can include a single-click menu option in a graphical user interface, a command-line utility or a web interface for performing web service calls to the security scanning service(s). A user selects source code for scanning. A zip file is created for the selected source code. The zip file is placed in a target directory or scan queue for upload to the security scan component. A user ID appended to the source code is utilized to return a summary report of the scan results to the user without user credentials or login to the system.

Abstract: Systems and methods for preventing vulnerable software assets from being deployed by modifying the underlying source code in such a way that a build of the software asset will fail. In one aspect of the present disclosure, a system for securing software artifacts in a repository comprises a repository interface communicably coupleable to a software repository to retrieve an original artifact usable for building a software asset, and to replace the original artifact in the software repository with a modified artifact. A security scanner is configured to initiate a security scan of the original artifact and produce an output indicating the presence of a security vulnerability in the original artifact. An encoder is configured to reversibly modify the original artifact to produce the modified artifact, the modified artifact unusable for building the software asset.

Abstract: Systems and methods for preventing vulnerable software assets from being deployed by modifying the underlying source code in such a way that a build of the software asset will fail. In one aspect of the present disclosure, a system for securing software artifacts in a repository comprises a repository interface communicably coupleable to a software repository to retrieve an original artifact usable for building a software asset, and to replace the original artifact in the software repository with a modified artifact. A security scanner is configured to initiate a security scan of the original artifact and produce an output indicating the presence of a security vulnerability in the original artifact. An encoder is configured to reversibly modify the original artifact to produce the modified artifact, the modified artifact unusable for building the software asset.

Abstract: Examples provide a single-command menu option for initiating security scanning of source code without user interaction with the security scan component performing the security scan. The single-command menu option can include a single-click menu option in a graphical user interface, a command-line utility or a web interface for performing web service calls to the security scanning service(s). A user selects source code for scanning. A zip file is created for the selected source code. The zip file is placed in a target directory or scan queue for upload to the security scan component. A user ID appended to the source code is utilized to return a summary report of the scan results to the user without user credentials or login to the system.