Mend.io (Formerly WhiteSource) implemented a technical integration with Secure Code Warrior® in its SAST solution to provide Just-in-time and highly relevant learning on secure coding techniques tailored to each finding in the code security report created by Mend in GitHub
How does this work?
For each finding in the code security report, Mend calls our direct linking API to fetch the most relevant training content:
- Introduction video to provide an overview of the vulnerability category
- Interactive "in-code" learning activity to locate and fix the vulnerability.
- Instructional reading with links to relevant resources about the vulnerability.
How to enable the integration?
The integration is enabled by default and the link to SCW is presented within the Mend Security Report. This is only available through the Mend SAST GitHub integration.
For more information on this integration, please see the Mend documentation below for your reference https://docs.mend.io/bundle/platform/page/get_training_on_typical_vulnerabilities.html
Related Links:
Comments
0 comments
Please sign in to leave a comment.