Security scanning tool for dependencies and Infrastructure as Code

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

security-use

A security scanning library for Python projects. Provides vulnerability scanning for dependencies and Infrastructure as Code (IaC) files.

Features

  • Dependency Scanning: Detect known vulnerabilities (CVEs) in Python packages
  • IaC Scanning: Find security misconfigurations in Terraform, CloudFormation, and other IaC formats
  • Automated Fixes: Generate and apply fixes for detected issues

Installation

pip install security-use

Usage

Command Line

# Scan dependencies
security-use scan deps /path/to/project

# Scan IaC files
security-use scan iac /path/to/terraform

# Scan everything
security-use scan all /path/to/project

# Auto-fix vulnerable dependencies
security-use fix /path/to/project

Python API

from security_use import scan_dependencies, scan_iac

# Scan dependencies
result = scan_dependencies("/path/to/project")

for vuln in result.vulnerabilities:
    print(f"{vuln.package}: {vuln.severity.value}")

# Scan IaC
result = scan_iac("/path/to/terraform")

for finding in result.iac_findings:
    print(f"{finding.rule_id}: {finding.title}")

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for shauryaagg from gravatar.com shauryaagg

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Security Use
  • Tags cloudformation , dependencies , iac , scanner , security , terraform , vulnerability
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

This version

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

security_use-0.1.4.tar.gz (36.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

security_use-0.1.4-py3-none-any.whl (42.2 kB view details)

Uploaded Python 3

File details

Details for the file security_use-0.1.4.tar.gz.

File metadata

  • Download URL: security_use-0.1.4.tar.gz
  • Upload date:
  • Size: 36.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.4.tar.gz
Algorithm Hash digest
SHA256 431ed738520128f00c782e47d24349b5b7981df20a840cc6bd2bb73fd128bd32
MD5 b82c88270d80ee8782dd276b95b12708
BLAKE2b-256 fd06ef60ac79560bb8c2e414acfb74733ef7fcff896674b2ca20b214e9d08a32

See more details on using hashes here.

File details

Details for the file security_use-0.1.4-py3-none-any.whl.

File metadata

  • Download URL: security_use-0.1.4-py3-none-any.whl
  • Upload date:
  • Size: 42.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.7

File hashes

Hashes for security_use-0.1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 8261fb7f0e2058d4b8b48e763fda44350f43172e8d820264822e92fe3deb6946
MD5 a16f6d10d6e8d4410e9107ffcd4d48f5
BLAKE2b-256 dc89bd1fc53626a5f06cc523e67610efafe26e6dc48bb8a57c88f7cea6c79944

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page