Skip to content

Probely/drone-io

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
assets
assets
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
scan.py
scan.py
 
 
scan.sh
scan.sh
 
 

Repository files navigation

Probely Target Scan

The Target Scan provides an easy and efficient integration of Dynamic Application Security Testing (DAST) done with Probely into your drone CI pipelines.

About Probely’s DAST

Probely’s DAST scanner automates and scales web applications and APIs security testing:

  • Detects over 30,000 potential security vulnerabilities.
  • Reports the vulnerabilities that matter due to the near-zero number of false positives (0.06% in 2022).
  • Produces reports of the vulnerabilities found with detailed instructions on how to fix them.

Read more details on our Product page.

About the Target Scan

The Target Scan is the piece that automates Probely’s security testing integrated into your CI pipeline. It is configured in drone to execute security tests on every commit.

This default behavior can, however, be changed and adjusted in drone to meet your specific CI needs.

Usage

Register

If you are not registered yet, get started for free and create an account in Probely. For more details, read this article on how the free trial works.

Add the Target

Once registered, log in to the Probely app, and add the target for the web application or API you want to do the security testing. See this tutorial on how to add a target.

Integrate

Add the following to your drone config (.drone.yml):

kind: pipeline
type: docker
name: default

steps:
- name: probely-scan
  image: probely/drone-io:latest
  settings:
    api_key: API_KEY
    target_id: TARGET_ID
    region: eu
    scan_profile: normal
  • api_key: Probely's API Key
  • target-id: Probely's identifier of the target to scan
  • region: Probely's region where your account is hosted
  • scan-profile: The scan profile to use in the scan. If not defined, the scan profile will be the one defined in the target settings.

Or using secrets:

kind: pipeline
type: docker
name: default

steps:
- name: probely
  image: probely/drone-io:latest
  environment:
    PLUGIN_API_KEY:
      from_secret: p_api_key
    PLUGIN_TARGET_ID:
      from_secret: p_target_id
    PLUGIN_REGION:
      from_secret: p_region
    PLUGIN_SCAN_PROFILE:
      from_secret: p_scan_profile

Secrets Example

Contact Us

If you have any issues or questions, email us to support@probely.com. If you want to know more about Probely, request a demo on our website.

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages