Security scanning tool for dependencies and Infrastructure as Code

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

security-use

A security scanning library for Python projects. Provides vulnerability scanning for dependencies and Infrastructure as Code (IaC) files.

Features

  • Dependency Scanning: Detect known vulnerabilities (CVEs) in Python packages
  • IaC Scanning: Find security misconfigurations in Terraform, CloudFormation, and other IaC formats
  • Automated Fixes: Generate and apply fixes for detected issues

Installation

pip install security-use

Usage

Command Line

# Scan dependencies
security-use scan deps /path/to/project

# Scan IaC files
security-use scan iac /path/to/terraform

# Scan everything
security-use scan all /path/to/project

# Auto-fix vulnerable dependencies
security-use fix /path/to/project

Python API

from security_use import scan_dependencies, scan_iac

# Scan dependencies
result = scan_dependencies("/path/to/project")

for vuln in result.vulnerabilities:
    print(f"{vuln.package}: {vuln.severity.value}")

# Scan IaC
result = scan_iac("/path/to/terraform")

for finding in result.iac_findings:
    print(f"{finding.rule_id}: {finding.title}")

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.4

0.1.3

0.1.2

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

security_use-0.1.0.tar.gz (33.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

security_use-0.1.0-py3-none-any.whl (38.5 kB view details)

Uploaded Python 3

File details

Details for the file security_use-0.1.0.tar.gz.

File metadata

  • Download URL: security_use-0.1.0.tar.gz
  • Upload date:
  • Size: 33.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.0.tar.gz
Algorithm Hash digest
SHA256 b363c071a401b2e012e4cabce5472a9adb4e9a0691a74e39846687e28661735e
MD5 815cea003a0907cf81ef673359ff79c8
BLAKE2b-256 cba4bce55a2c39cbdd18695cdbc605689ac37363581a1b3265d4744102deae61

See more details on using hashes here.

File details

Details for the file security_use-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: security_use-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 38.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 454e365e4c0611dee127ae041f1695790a566c07e27334879a8cbf2824f61efe
MD5 4f6a8976beb0c5cf64245f3eb2b953e4
BLAKE2b-256 7b33953e4fa5a3d5323220b5caa7a2ed14e8a8b51222ecdf0203fe1e5bc8486b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page