Security scanning tool for dependencies and Infrastructure as Code

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

security-use

A security scanning library for Python projects. Provides vulnerability scanning for dependencies and Infrastructure as Code (IaC) files.

Features

  • Dependency Scanning: Detect known vulnerabilities (CVEs) in Python packages
  • IaC Scanning: Find security misconfigurations in Terraform, CloudFormation, and other IaC formats
  • Automated Fixes: Generate and apply fixes for detected issues

Installation

pip install security-use

Usage

Command Line

# Scan dependencies
security-use scan deps /path/to/project

# Scan IaC files
security-use scan iac /path/to/terraform

# Scan everything
security-use scan all /path/to/project

# Auto-fix vulnerable dependencies
security-use fix /path/to/project

Python API

from security_use import scan_dependencies, scan_iac

# Scan dependencies
result = scan_dependencies("/path/to/project")

for vuln in result.vulnerabilities:
    print(f"{vuln.package}: {vuln.severity.value}")

# Scan IaC
result = scan_iac("/path/to/terraform")

for finding in result.iac_findings:
    print(f"{finding.rule_id}: {finding.title}")

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.4

0.1.3

This version

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

security_use-0.1.2.tar.gz (35.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

security_use-0.1.2-py3-none-any.whl (40.2 kB view details)

Uploaded Python 3

File details

Details for the file security_use-0.1.2.tar.gz.

File metadata

  • Download URL: security_use-0.1.2.tar.gz
  • Upload date:
  • Size: 35.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.2.tar.gz
Algorithm Hash digest
SHA256 a4297707b90e9963bf72444ed5c64dd6792173ab731c5464940d433266c120c2
MD5 644add27ecd9d3848f09fef1e2496e12
BLAKE2b-256 ce416ec5eb8d92e01efae510372b1206e244d206a70e09719889cba8e2c9d73f

See more details on using hashes here.

File details

Details for the file security_use-0.1.2-py3-none-any.whl.

File metadata

  • Download URL: security_use-0.1.2-py3-none-any.whl
  • Upload date:
  • Size: 40.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 9582347ef2ce5ac359d3f7bc63ca3f63eddba50a20240cb85b2dbb8cccc92279
MD5 9bba3cd1cf834006fc36e3cafda1391f
BLAKE2b-256 139ee9979cc3f498ca34bf900c7a6897b86560ddba431874e18edfdc39e534f5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page