Joby K edited this page Dec 9, 2021 · 14 revisions

Introduction

The Be-Secure Manager (BeSman) project develops and supports BeSman, a command-line utility focused on setting up customized security environments. Because this utility is part of the Be-Secure projects, an umbrella of open-source security projects, tools, and sandbox environments for performing security assessments and securing open-source technology stacks, the BeSman project is also tasked with continuously analyzing its member projects for features, bugs, or improvements, and with comparing tools of a similar type.

This analysis helps in handpicking the right tools, or combination of tools, for setting up environments both now and in the future. As part of the member project analysis, this project's wiki will be updated with each tool's or toolset's:

  • Feature analysis
  • Drawback listing
  • Comparison with tools of the same kind

This wiki main page gives an overview of the analyzed tools/toolsets and their status (whether the analysis is completed); each status acts as a link that takes you to the description/analysis page. One more cool feature: the analysis is a continuous process driven by the release of new versions (only major releases are considered) of the same utility/app, so the 'status' is bidirectional. A 'finished' state can go back to 'in progress' while the analysis details are updated for the new version.

Tool analysis reports.

| Sl | Contents for analysis | Type of analysis | Status |
|----|-----------------------|------------------|--------|
| 1 | Trivy, Grype, Anchore-Engine | Comparison | Completed |
| 2 | CodeQL | Analysis based on advanced features | Completed |
| 2 | CodeQL | Comparison with SonarQube | Ongoing |
| 2 | CodeQL | Comparison with Coverity | Not started |
| 3 | Sonatype-lift | Analysis based on advanced features | Ongoing |
| 4 | WhiteSource Cure | Analysis based on advanced features | Not started |
| 5 | GitLab - security | Analysis based on advanced security features | Ongoing |