External scanner support and requirements
This topic lists supported scanners, ingestion methods, and requirements.
Built-in scan steps
5 items
Anchore Enterprise scanner reference
Scan container images with Anchore Enterprise.
Aqua Security scanner reference
Scan container images with Aqua Security.
Aqua Trivy
2 items
AWS ECR scanner reference
Scan container images with AWS ECR.
AWS Security Hub scanner reference
Scan configurations with AWS Image scanner.
Bandit scanner reference
Scan code repositories with Bandit.
Black Duck scanner reference
Scan code repositories and container images with Black Duck.
Brakeman scanner reference
Scan code repositories with Brakeman.
Burp scanner reference
Scan application instances with Burp.
Checkmarx scanner reference
Scan code repositories with Checkmarx.
Clair scanner reference
Scan container images with Clair.
CodeQL scanner reference
Scan code repositories with CodeQL.
Coverity settings reference
Scan code repositories with Coverity.
Custom Ingest step reference
Ingest SARIF or JSON scan results.
Custom Scan step reference
Set up scans using key-value pairs.
Data Theorem scanner reference
Scan code repositories with Data Theorem.
Docker Content Trust (DCT) scanner reference
Scan container images with Docker Content Trust.
Fortify Static Code Analyzer scanner reference
Ingest Fortify scan results into your pipelines.
Fortify on Demand scanner reference
Ingest Fortify on Demand scan results into your pipelines.
Fossa scanner reference
Scan code repositories with Fossa.
Gitleaks scanner reference
Scan code repositories with Gitleaks.
Grype
2 items
HCL AppScan scanner reference
Ingest DAST scan results from HCL AppScan.
Mend scanner reference
Scan code repositories and container images with Mend.
Metasploit Framework scanner reference
Scan application instances with Metasploit Framework.
Nessus scanner reference
Scan application instances with Nessus.
Nexus scanner reference
Scan code repositories with Nexus.
Nikto scanner reference
Scan application instances with Nikto.
Nmap (Network Mapper) scanner reference
Scan application instances with Nmap.
OpenVAS scanner reference
Scan application instances with OpenVAS.
Open Source Vulnerabilities (OSV) scanner reference
Scan code repositories with OSV.
OWASP Dependency-Check scanner reference
Scan code repositories with OWASP Dependency-Check.
Prisma Cloud (formerly Twistlock) scanner reference
Scan container images with Prisma Cloud.
Prowler scanner reference
Scan configurations with Prowler.
Qualys Web Application Scanning (WAS) scanner reference
Scan application instances with Qualys WAS.
Qwiet AI (formerly ShiftLeft) scanner reference
Scan code repositories with Qwiet AI.
Reapsaw scanner reference
Scan code repositories with Reapsaw.
ScoutSuite scanner reference
Scan configurations with ScoutSuite.
Semgrep
2 items
Snyk
2 items
SonarScanner scanner reference
Scan code repositories with SonarQube SonarScanner.
Sysdig scanner reference
Scan container images with Sysdig.
Tenable scanner reference
Scan application instances with Tenable.
Veracode scanner reference
Scan code repositories with Veracode.
Wiz
3 items
JFrog Xray scanner reference
Scan container images with JFrog Xray.
Zed Attack Proxy (ZAP)
2 items