Our main goal is to implement a major security testing platform and framework which enables developers and teams to integrate a bunch of security testing tools in their CI/CD environment or kubernetes environment as easy as possible. For more information about this project, please have look at our GitHub Repo secureCodeBox or online documentation. We strongly recommend to run extensive tests by experienced penetration testers on all your applications. The purpose of secureCodeBox is not to replace the penetration testers or make them obsolete. With secureCodeBox we provide a toolchain for continuous scanning of applications to find the low-hanging fruit issues early in the development process and free the resources of the penetration tester to concentrate on the major security issues. Its goal is to orchestrate and easily automate a bunch of security-testing tools out of the box. The OWASP secureCodeBox Project is a kubernetes based, modularized toolchain for continuous security scans of your software project.
