Security scanning tool for dependencies and Infrastructure as Code

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

security-use

A security scanning library for Python projects. Provides vulnerability scanning for dependencies and Infrastructure as Code (IaC) files.

Features

  • Dependency Scanning: Detect known vulnerabilities (CVEs) in Python packages
  • IaC Scanning: Find security misconfigurations in Terraform, CloudFormation, and other IaC formats
  • Automated Fixes: Generate and apply fixes for detected issues

Installation

pip install security-use

Usage

Command Line

# Scan dependencies
security-use scan deps /path/to/project

# Scan IaC files
security-use scan iac /path/to/terraform

# Scan everything
security-use scan all /path/to/project

# Auto-fix vulnerable dependencies
security-use fix /path/to/project

Python API

from security_use import scan_dependencies, scan_iac

# Scan dependencies
result = scan_dependencies("/path/to/project")

for vuln in result.vulnerabilities:
    print(f"{vuln.package}: {vuln.severity.value}")

# Scan IaC
result = scan_iac("/path/to/terraform")

for finding in result.iac_findings:
    print(f"{finding.rule_id}: {finding.title}")

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.4

0.1.3

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

security_use-0.1.1.tar.gz (34.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

security_use-0.1.1-py3-none-any.whl (38.6 kB view details)

Uploaded Python 3

File details

Details for the file security_use-0.1.1.tar.gz.

File metadata

  • Download URL: security_use-0.1.1.tar.gz
  • Upload date:
  • Size: 34.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.1.tar.gz
Algorithm Hash digest
SHA256 4a1f1f109577ac731e485ae3147b44c0109b3388d04f658663aa5bf35aee8ae1
MD5 c724f1f329b84b9a82d32de865670038
BLAKE2b-256 64c27bdedac8e9c184a0419a0ad00fc70ee98073bf6817170a99dd34440fb71c

See more details on using hashes here.

File details

Details for the file security_use-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: security_use-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 38.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 bad9a7c5427fd9b54166b34c488d4fb2d59b4193bb923424506dc697a7773b4c
MD5 6710e5b53e4171d5327bb26a2dbf08a9
BLAKE2b-256 02e2b4e70be6ae4e453f18a4c3e01e1712eafe8114e1731398c482c621c3c268

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page