Introducing ScopeGuardian: Simplified Security Scanning Orchestrator for CI/CD Pipelines
Introducing ScopeGuardian - security scanning orchestrator, simplified for your CI/CD pipelines. We built ScopeGuardian to make it effortless to run multiple security scanners on your codebase and automatically sync findings to DefectDojo; all in one command. What it does:
IaC scanning with KICS (Dockerfile, Terraform, Kubernetes, and more)
SCA / dependency vulnerabilities with Grype + Syft SBOM generation
SAST with OpenGrep
Auto-sync findings to DefectDojo (with deduplication)
Security gate ā fail your pipeline if critical/high findings exceed your thresholds
Drop it in your pipeline in minutes with Docker, configure what you need in a simple config.toml, and let ScopeGuardian handle the rest. š https://scope-guardian.paranoihack.ch