10.14. Secure Development¶
10.14.1. Risk Control¶
aswan Momo risk control system static rule engine
10.14.2. Static Analysis¶
PHP CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards
10.14.3. Secure Coding Practices¶
10.14.4. Vulnerability Management¶
Insight Yixin integrates application system asset management, vulnerability lifecycle management, and security knowledge base management into a trinity platform
xunfeng is suitable for rapid emergency response to vulnerabilities in enterprise intranets, cruise scanning system
DefectDojo an open-source application vulnerability correlation and security orchestration tool
Fuxi Scanner Penetration Testing Platform
SeMF enterprise intranet security management platform, including asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules
10.14.5. DevSecOps¶
hunter Zhongtong DevSecOps closed-loop solution, passive vulnerability scanner