Code Vulnerability Scan Tools

pyarlagadda · April 4, 2022, 3:21pm

Hi,

I am looking for information on any code vulnerability scan tools that are recommended by UiPath?

A Vulnerability scan needs to done on our end against on the automation code before it is moved into production to make sure that there are no security vulnerabilities in the code.

Any tool experiences that may have been used for Static or Dynamic application security testing?

Any information shared on this topic is greatly appreciated.

@Forum_Staff Thank You!

StefanSchnell · April 5, 2022, 6:31am

@pyarlagadda

Hello,
welcome in the UiPath community.

Very interesting question. A few month ago I asked a similar security question. In my opinion you can use QRadar or SonarQube to analyze the content of your package in the context of your CI/CD pipeline. Also you have the possibility to add your own Custom Rules to the Workflow Analyzer.

Best regards
Stefan

pyarlagadda · April 14, 2022, 3:15pm

@StefanSchnell @alexandru

Thanks for sharing information from you experiences. At this point, we are strictly looking for malware and vulnerabilities detection.

I also looked at your Security Question to UiPath.

I am curious about the solution there talking about updates in the near future and wondering if there are any new developments.

StefanSchnell · April 15, 2022, 5:27pm

@pyarlagadda

Hello,
please take a look at the Anti Malware Scan Activity, maybe this will help you.
Best regards
Stefan

Most Active Users - Yesterday
THIRU_NANI
muhammedyuzuak
Rahul_Unnikrishnan
Nithinkrishna
suraj.setty
Satish_Ch
supermanPunch
nikhil.girish
Zara_Yasmin
Rajeswari24
More details...