Analysing also the IaC code, reports the potential vulnerabilities and proposes potential fixes, addressing the dependency information from the IaC and application code, detect included programs and libraries with known vulnerabilities by querying public vulnerability databases, and produce a report to the PIACERE user.
Keywords: IaC, component, scanner, vulnerability, reports
Raise trust into Automation and reliability of created Playbooks
Assisted playbook writing (external API dependency)
Identify potential issues in Ansible playbooks
Result Description: an analyser and ranker of components (libraries, middleware) from a security point of view.. Identify used components and problematic dependencies, extending the Ansible scanner IP background
Unique Value Proposition: analyse the components of the target application to check for security vulnerabilities, identifying used components and problematic dependencies, and extending the Ansible scanner IP background
IP: proprietary solution released by XLAB as the new product Ansible Playbook Quality Scanner (see scanner.steampunk.si) and improved in the context of PIACERE