CodeGuru - Only Security checks/scans

0

Is it possible to use CodeGuru only for performing security scans/checks? Though CodeGuru provides other scans, I am interested in using CodeGuru only for security scans. Does AWS provide such a facility?

2 Answers
1

Hi,

In your scenario, I'd recommend using the exclude and suppress functions, as the CodeGuru Reviewer will run as one feature. I've added references below, which you may have seen already, but just in case.

https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/recommendations.html

https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/recommendation-suppression.html

AWS
answered a year ago
0

Yes, it is possible to use AWS CodeGuru to perform only security scans on your code. AWS CodeGuru provides security-related recommendations based on best practices and best practices from the industry, as well as checks for known security vulnerabilities in your code.

You can use CodeGuru's security review feature to scan your codebase and identify potential security issues, such as SQL injection vulnerabilities, cross-site scripting (XSS) vulnerabilities, and sensitive data exposure. CodeGuru analyzes the code using a combination of static and dynamic analysis and generates a report that includes a detailed description of the issue, the affected code, and the recommended remediation.

Additionally, CodeGuru also integrates with other AWS security services like Amazon Inspector, which allows you to perform security assessments on the running instances.

To use CodeGuru for security scans you will need to enable and configure the security review feature for your repository in CodeGuru. You can also configure the settings to scan only specific parts of your codebase and exclude certain files or directories.

In summary, AWS CodeGuru provides the facility to perform security scans and checks, and you can use it to focus on the security scans specifically.

answered a year ago
