https://github.com/jupiterone/sast-scan-tools
NodeJS functions and scripts for using AppThreat/sast-scan with JupiterOne
Last synced: 12 months ago
- Host: GitHub
- URL: https://github.com/jupiterone/sast-scan-tools
- Owner: JupiterOne
- License: mpl-2.0
- Created: 2020-06-10T03:37:02.000Z (about 6 years ago)
- Default Branch: main
- Last Pushed: 2024-04-24T04:28:17.000Z (about 2 years ago)
- Last Synced: 2025-04-11T03:58:33.118Z (about 1 year ago)
- Language: TypeScript
- Size: 185 KB
- Stars: 0
- Watchers: 4
- Forks: 2
- Open Issues: 13
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS
README
# sast-scan-tool
NodeJS functions and scripts for using [AppThreat/sast-scan](https://github.com/AppThreat/sast-scan) to
perform static code scans against Lambda and ECS resources discovered in target AWS accounts.
## Example script usage (using locally available .aws/config)
This example script will:
* query JupiterOne for Lambda functions created or updated in the last 30 days
* download each function's deployment zip (the AWS credentials used need the `lambda:GetFunction` permission on those functions)
* unzip the package and scan the code with `sast-scan`
* ingest the scan output into JupiterOne as Finding entities
```bash
env J1_API_TOKEN=eyJhoCJ1... J1_ACCOUNT=mycorp AWS_SDK_LOAD_CONFIG=true ./bin/scan-lambda.ts
```
## Outputs
JupiterOne Finding entities, each with at least the following properties:
* remediated (boolean)
* federal (boolean)
* tag.Project
* tag.AccountName
plus a HAS relationship from the scanned Lambda function to each of its Findings.
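The last two steps of the script (turning `sast-scan` output into Findings) and the output shape listed above, as an added example. This is not code from jupiterone/sast-scan-tools: it reads a report in the SARIF layout that `sast-scan` writes, emits Finding entities carrying the four properties above plus a HAS relationship from the Lambda, and shows one way to set `remediated` by diffing two scans. The J1QL query string, the `_type` names, the severity mapping and the sample report are assumptions.

```typescript
// Added example, not part of jupiterone/sast-scan-tools. Converts a sast-scan
// SARIF report into JupiterOne Finding entities and HAS relationships, and
// marks findings that vanish between two scans as remediated.

// J1QL to select recently created or updated Lambdas (assumed query form;
// verify the date syntax against the JupiterOne docs before relying on it).
const RECENT_LAMBDAS_QUERY =
  "Find aws_lambda_function with createdOn > date.now - 30days or updatedOn > date.now - 30days";

// Subset of SARIF 2.1.0 that the converter reads (runs[].results[]).
interface SarifResult {
  ruleId?: string;
  level?: "error" | "warning" | "note" | "none";
  message: { text: string };
  locations?: { physicalLocation?: { artifactLocation?: { uri?: string }; region?: { startLine?: number } } }[];
}
interface SarifReport { runs: { tool: { driver: { name: string } }; results?: SarifResult[] }[] }

// What the script knows about the Lambda being scanned (from the J1 query result).
interface ScanTarget { lambdaKey: string; project: string; accountName: string; federal: boolean }

interface FindingEntity {
  _class: "Finding"; _type: "sast_finding"; _key: string;
  displayName: string; ruleId: string; severity: string; scanner: string;
  filePath: string; line: number;
  remediated: boolean; federal: boolean; "tag.Project": string; "tag.AccountName": string;
}
interface HasRelationship {
  _class: "HAS"; _type: "aws_lambda_function_has_sast_finding";
  _key: string; _fromEntityKey: string; _toEntityKey: string;
}

// Assumed mapping from SARIF level to a severity label.
const SEVERITY: Record<string, string> = { error: "high", warning: "medium", note: "low", none: "info" };

// Stable key: the same rule at the same file:line in the same Lambda maps to
// the same entity on every run, which is what makes remediation detectable.
function findingKey(target: ScanTarget, ruleId: string, filePath: string, line: number): string {
  return `${target.lambdaKey}:${ruleId}:${filePath}:${line}`;
}

function toFindings(report: SarifReport, target: ScanTarget): { entities: FindingEntity[]; relationships: HasRelationship[] } {
  const entities: FindingEntity[] = [];
  const relationships: HasRelationship[] = [];
  for (const run of report.runs) {
    for (const r of run.results ?? []) {
      const loc = r.locations?.[0]?.physicalLocation;
      const filePath = loc?.artifactLocation?.uri ?? "<unknown>";
      const line = loc?.region?.startLine ?? 0;
      const ruleId = r.ruleId ?? "unknown-rule";
      const key = findingKey(target, ruleId, filePath, line);
      if (entities.some((e) => e._key === key)) continue; // scanner reported the same hit twice
      entities.push({
        _class: "Finding", _type: "sast_finding", _key: key,
        displayName: `${ruleId} in ${filePath}:${line}`,
        ruleId, severity: SEVERITY[r.level ?? "warning"] ?? "medium", scanner: run.tool.driver.name,
        filePath, line, remediated: false, federal: target.federal,
        "tag.Project": target.project, "tag.AccountName": target.accountName,
      });
      relationships.push({
        _class: "HAS", _type: "aws_lambda_function_has_sast_finding",
        _key: `${target.lambdaKey}|has|${key}`, _fromEntityKey: target.lambdaKey, _toEntityKey: key,
      });
    }
  }
  return { entities, relationships };
}

// Findings present in the previous scan but absent from the current one are
// re-emitted with remediated=true so the graph records the fix instead of
// silently dropping the entity.
function markRemediated(previous: FindingEntity[], current: FindingEntity[]): FindingEntity[] {
  const live = new Set(current.map((e) => e._key));
  const gone = previous.filter((e) => !live.has(e._key)).map((e) => ({ ...e, remediated: true }));
  return [...current, ...gone];
}

// Constructed sample report in the SARIF layout (not real scanner output).
const SAMPLE_REPORT: SarifReport = {
  runs: [{
    tool: { driver: { name: "gosec" } },
    results: [
      { ruleId: "G101", level: "error", message: { text: "hardcoded credential" },
        locations: [{ physicalLocation: { artifactLocation: { uri: "handler.go" }, region: { startLine: 12 } } }] },
      { ruleId: "G104", level: "warning", message: { text: "unhandled error" },
        locations: [{ physicalLocation: { artifactLocation: { uri: "handler.go" }, region: { startLine: 40 } } }] },
    ],
  }],
};
const SAMPLE_TARGET: ScanTarget = {
  lambdaKey: "arn:aws:lambda:us-east-1:123456789012:function:example",
  project: "payments", accountName: "mycorp-prod", federal: false,
};

const firstScan = toFindings(SAMPLE_REPORT, SAMPLE_TARGET);
console.log(RECENT_LAMBDAS_QUERY, firstScan.entities.length, "findings");
```

The deterministic `_key` is the important design choice: without it, every run would create fresh Finding entities and the `remediated` flag could never be set from scan data alone.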