Skip to content
| Marketplace
Sign in
Azure DevOps>Azure Pipelines>Puma Scan Professional Azure DevOps
Puma Scan Professional Azure DevOps

Puma Scan Professional Azure DevOps

Puma Security

|
246 installs
| (0) | Paid
Puma Scan is a software security source code analysis extension that scans code for vulnerabilities, generates security reports, and enforces security requirements.
Get

Puma Scan Professional Azure DevOps Extension

Puma Scan analyzes your source code for vulnerabilities identified in the OWASP Top 10, SANS/CWE Top 25, and other common insecure coding patterns as you write code in Visual Studio. The current vulnerability categories covered by Puma Scan include: Insecure Application Configuration, SQL Injection, LDAP Injection, Command Injection, Path Tampering, Weak Password Configuration, Unvalidated Redirects, Cross-Site Scripting, Cross-Site Request Forgery, Weak Input Validation, Insecure Cryptography, Insecure Object Deserialization, Broken Authentication, Broken Access Control, Server-side Request Forgery, and Poor Secrets Management.

The Puma Scan Professional Azure DevOps Extension enables the following features in an Azure Build Pipeline:

  • Security analyzers run on application source code during each build

  • Export vulnerability data to HTML, JSON, MSBuild, and MSTest formatted reports

  • Download vulnerability reports from the build's artifacts

  • Parse and display Puma Scan vulnerabilities as Unit Test results

  • View the number of Puma Scan vulnerabilities by severity on the build summary screen

  • View the Puma Scan vulnerability details on the Puma Scan Pro screen.

Installation Instructions

  • Please view the Puma Scan Azure DevOps Installation Guide for purchasing and step-by-step activation instructions.

Puma Scan Summary and Details

  • View the build pipeline Summary tab to view the artifacts, warnings, and Puma Scan Pro summary.

  • View the build pipeline Puma Scan Pro tab to view the detailed scan results.

  • Download the Puma Scan vulnerability reports using the build Artifacts

Learn More

More details on configuring and running Puma Scan Professional in Azure DevOps can be found on our Support Page.

Supported Environments

  • Windows 2017 Hosted Agents

  • Windows 2019 Hosted Agents

Contributors

Thank you to the following Puma Scan Contributor(s) for this extension:

  • Andrew Guggenberger - Senior Security Engineer

  • Eric Johnson (@emjohn20) - Principal Security Engineer

  • Eric Mead (@ericmmead) - Principal Security Engineer

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2025 Microsoft