Orca Safety has introduced a brand new integration that can allow it to scan Bitbucket repositories for misconfigurations, uncovered secrets and techniques, and vulnerabilities.
In response to Orca Safety, code scanning is a vital aspect of any safety program, and when builders make the most of public code repositories, they usually should manually embed CLI safety instruments into every repository and CI/CD pipeline. This may add growth overhead, create friction between safety and growth groups, and it could be troublesome to persistently cowl all repositories.
With the Orca Bitbucket App, safety scans are robotically performed at any time when a department is merged. These scans will present contextual alerts and insights on tips on how to remediate safety points.
It additionally scans each pull request to detect newly launched points and forestall questionable code from being merged into the bigger codebase till points are resolved.
“By eliminating handbook safety configuration and embedding safety immediately into growth workflows, the Orca Bitbucket App delivers smarter, sooner, and more practical utility safety,” the corporate wrote in a weblog publish.
Orca Bitbucket App can even periodically scan inactive repositories to make sure that newly found vulnerabilities aren’t going unnoticed.
The app encompasses a Code Safety dashboard that gives visibility into all Bitbucket repositories and their safety findings.
The combination with Bitbucket follows comparable integrations Orca Safety already has with GitHub, GitLab, and Azure DevOps.