Code Vulnerability Scan Tools

Hi,

I am looking for information on any code vulnerability scan tools that are recommended by UiPath?

A vulnerability scan needs to be done on our end against the automation code before it is moved into production to make sure that there are no security vulnerabilities in the code.

Any tool experiences that may have been used for Static or Dynamic application security testing?

Any information shared on this topic is greatly appreciated.

@Forum_Staff Thank You!


@pyarlagadda

Hello,
welcome to the UiPath community.

Very interesting question. A few months ago I asked a similar security question. In my opinion you can use QRadar or SonarQube to analyze the content of your package in the context of your CI/CD pipeline. Also you have the possibility to add your own Custom Rules to the Workflow Analyzer.

Best regards
Stefan


@StefanSchnell @alexandru

Thanks for sharing information from your experiences. At this point, we are strictly looking for malware and vulnerabilities detection.

I also looked at your Security Question to UiPath.

I am curious about the solution there talking about updates in the near future and wondering if there are any new developments.

@pyarlagadda

Hello,
please take a look at the Anti Malware Scan Activity, maybe this will help you.
Best regards
Stefan

@StefanSchnell @loginerror @pyarlagadda

Stefan / Pyarlagadda - Were you able to get the solution for UiPath code security/vulnerability scan?

Maciej - Please let me know if you have any solution for the same

@SreekanthReddy

Hello Sreekanth,
(unfortunately) not yet.
Best regards
Stefan

I am trying out SonarCloud.

Hi All,

How to retrieve the UiPath vulnerability report which is common for all versions?

Any update on this? Anyone have the approach? @StefanSchnell @wagner @pyarlagadda

I'm interested. Any update?