ASH - The Automated Security Helper
#Application Protection#Application Security
An automated API security testing platform that provides continuous vulnerability assessment, validation, and educational resources for API endpoint security.
The Security Helper Tool: Enhancing Code Safety
The security helper tool was developed to assist you in minimizing the chances of a security violation in new code, infrastructure, or IAM configuration. It offers a quick and user-friendly way to perform preliminary security checks as early as possible in your development process.
It is not a replacement
It does not serve as a substitute for a human review or the standards that your team or customer enforces.
It Uses Lightweight, Open Source Tools for Flexibility
It utilizes lightweight, open source tools to ensure flexibility and the capability to operate from any location. ASH is in the process of cloning and executing various open-source tools, including: git-secrets, bandit, Semgrep, Grype, Syft, nbconvert, npm-audit, checkov, cdk-nag, and cfn-nag. Please make sure to review the LICENSE of each tool before using them.
ASH Change Advisory: We are currently engaged in re-architecting ASH with a focus on developing a single-container architecture, along with comprehensive documentation to support this effort.
Supported Frameworks: The security helper supports
