Key Features
Key Features of Plexicus
Plexicus provides a wide range of capabilities tailored to address the most critical aspects of application security. Below is an overview of the key features available to help you secure your software supply chain:
1. Static Application Security Testing (SAST)
Detect vulnerabilities in your code early in the development process. Plexicus integrates seamlessly with popular CI/CD tools to analyze source code, identify flaws, and provide actionable recommendations for remediation. Supported tools include:
- Checkmarx
- Semgrep
- GitHub SAST
- Fortify
- OWASP Top 10 compliance
2. Software Composition Analysis (SCA)
Identify vulnerabilities in your open-source dependencies and third-party libraries. Plexicus offers deep insights into the components of your software supply chain, enabling:
- Dependency scanning
- License compliance checks
- Integration with SBOM tools like Trivy and Syft
- OWASP Dependency Check
3. Secrets Scanning
Prevent sensitive information such as API keys, passwords, and tokens from being exposed in your repositories. Plexicus integrates with industry-leading tools like:
- TruffleHog
- Gitleaks
- Secretlint
4. Infrastructure as Code (IaC) Security
Secure your cloud infrastructure configurations and prevent misconfigurations from introducing vulnerabilities. With support for tools like TFLint, KICS, and Hadolint, Plexicus scans Terraform files, Kubernetes manifests, and other IaC scripts to ensure compliance and security.
5. Container Security
Protect your containerized environments with powerful scanning tools like Trivy, Grype, and Checkov. Plexicus helps identify vulnerabilities in container images and ensures secure configurations for Docker and Kubernetes environments.
6. Threat Detection and Malware Scanning
Leverage advanced threat detection capabilities to identify malware in your code and supply chain. Powered by tools like Yara, ClamAV, and SLSA, Plexicus proactively scans for malicious threats and protects your environment.
7. Cloud Security Posture Management (CSPM)
Ensure your cloud infrastructure is secure and compliant. Plexicus integrates with CSPM tools like CloudSploit to protect AWS, Azure, and GCP environments, mitigating cloud-specific risks.