Quick & easy installationIt's a quick and straight forward installation. It works on every system and is ready to use from start.
For professionals & rookiesYou can start scans without any configuration right away and use best practice tests. But each scanner also provides extensive configuration options.
Monitor your resultsEasily monitor each scanner's results through pre-designed (or self made) dashboards, use a tool integration such as e.g. DefectDojo or integrate the persistence tool of your choice.
Design your own processOur architecture is designed for open flexibility and free adjustments. New tools can be integrated fairly simple and you can design your own scan and monitor process.
How does the secureCodeBox help our team?
- SDLC support
- Highly scalable: multiple teams, applications and whole networks.
- Scans can range from low-hanging fruits to pen testing.
- We don`t assign grades, someone needs to interpret the scan results.
- Besides our examples, we do not provide many advanced, pre-configured scans.
Subdomain Enumeration Scanner
Discover git repositories
Find potential secrets in repositories
Kubernetes Vulnerability Scanner
Kubernetes Configuration Scanner
Network authentication bruteforcing
Webserver Vulnerability Scanner
Network discovery and security auditing
Takes Screenshots of websites
SSH Configuration and Policy Scanner
SSL/TLS Configuration Scanner
Container Vulnerability Scanner
Wordpress Vulnerability Scanner
WebApp & OpenAPI Vulnerability Scanner
Cascading Scans (processing)
Cascading Scans based declarative Rules.
Publishes all Scan Findings to DefectDojo.
Publishes all Scan Findings to Elasticsearch.
Generic WebHook (integration)
Publishes Scan Findings as WebHook.
MS Teams WebHook (integration)
Publishes Scan Summary to MS Teams.
Slack WebHook (integration)
Publishes Scan Summary to Slack.
Static Report (persistenceProvider)
Publishes all Scan Findings as HTML Report.
Update Field (dataProcessing)
Updates fields in finding results.