Puma Scan Professional Azure DevOps Extension
Puma Scan analyzes your source code for vulnerabilities identified in the OWASP Top 10, SANS/CWE Top 25, and other common insecure coding patterns as you write code in Visual Studio. The current vulnerability categories covered by Puma Scan include: Insecure Application Configuration, SQL Injection, LDAP Injection, Command Injection, Path Tampering, Weak Password Configuration, Unvalidated Redirects, Cross-Site Scripting, Cross-Site Request Forgery, Weak Input Validation, Insecure Cryptography, Insecure Object Deserialization, Broken Authentication, Broken Access Control, Server-side Request Forgery, and Poor Secrets Management.
The Puma Scan Professional Azure DevOps Extension enables the following features in an Azure Build Pipeline:
Puma Scan Summary and Details
More details on configuring and running Puma Scan Professional in Azure DevOps can be found on our Support Page.
Thank you to the following Puma Scan Contributor(s) for this extension: