ThunderScan integrated into CircleCI CI/CD pipeline

The world is moving toward DevSec/DevSecOps integration and automation, to speed up the workflow and speed to handle all the DevOps/DevSecOps change requests to ongoing automated triggers for application scanning, from dynamic to static. In fact, more and more large volume enterprise use cases involved setup of the DevOps/DevSecOps for continuous integration and continuous delivery (CI/CD). It will typically involve ten (10) domains, depending on the actual use case for the specific enterprise.

ThunderScan in 2021-Aug-10 announced it is now a CircleCI certified solution. DefenseCode created a ThunderScan® CircleCI Orb. Orbs are reusable snippets of code that help automate repeated processes, speed up project setup and make it easy to integrate with third-party tools. For existing customers who already use Thunderscan and with CircleCI or plan to use it together, will ensure that both solutions are certified integrated.

The world continues to evolve and technology transformation continues to enable enterprise customers  to do things faster, more accurately, more automate and more hand free once it seamlessly integrates and saves more time for every officer, unit, department and division users for the DevOps/DevSecOps platform. E-SPIN is pleased to know that the existing supplier vendors continue to make their product adapt for the market, and make it easier to be used for more and more DevOps/DevSecOps in the market.

Due to limit for solo dynamic application security testing (DAST) to use for perform quality scan and get result from extensive range of modern secure enhanced programming language and framework, it more and more user is shift-left to acquire static application security testing (SAST) to help perform secure code review, and with the adoption of dual engine for SAST-DAST combo use case. ThunderScan SAST and WebStrike DAST will be one of the good choices for the enterprise customer fully aware of the limit for solo application security testing (AST) technology approach. For those in the migration toward a more scalable SAST and DAST for application security testing (AST) to fit your enterprise threat modeling, security framework and as a means for the development / operations / security operations initiative (ie DevSecOps).

E-SPIN Group in the enterprise ICT solution supply, consulting, project management, training and maintenance for enterprise and government agencies across the region E-SPIN do business. E-SPIN being in the market since 2005 for deliver all form of application security testing (AST) technologies, from SAST, DAST, IAST, mobile AST, manual AST to modern secure DevOps / DevSecOps for development, quality assurance, operations users within enterprise. Feel free to contact E-SPIN for the ThunderScan SAST and CircleCI or other application security testing (AST) requirements.