Orca Safety has introduced a brand new integration that can allow it to scan Bitbucket repositories for misconfigurations, uncovered secrets and techniques, and vulnerabilities.
Based on Orca Safety, code scanning is a crucial factor of any safety program, and when builders make the most of public code repositories, they sometimes must manually embed CLI safety instruments into every repository and CI/CD pipeline. This will add improvement overhead, create friction between safety and improvement groups, and it could be tough to persistently cowl all repositories.
With the Orca Bitbucket App, safety scans are robotically carried out each time a department is merged. These scans will present contextual alerts and insights on how you can remediate safety points.
It additionally scans each pull request to detect newly launched points and stop questionable code from being merged into the bigger codebase till points are resolved.
“By eliminating guide safety configuration and embedding safety straight into improvement workflows, the Orca Bitbucket App delivers smarter, sooner, and more practical software safety,” the corporate wrote in a weblog put up.
Orca Bitbucket App can even periodically scan inactive repositories to make sure that newly found vulnerabilities aren’t going unnoticed.
The app incorporates a Code Safety dashboard that gives visibility into all Bitbucket repositories and their safety findings.
The mixing with Bitbucket follows related integrations Orca Safety already has with GitHub, GitLab, and Azure DevOps.
