I’m Guillaume, the cofounder and CEO of Bearer, a code security startup trying to rethink security products for a developer-first world.
Seven months ago we introduced Bearer CLI (https://github.com/Bearer/bearer) on HN, our free and open code security scanner, which at the time supported only Ruby and JavaScript applications.
We’ve been working very hard with the team, and thanks to community feedback, to bring tons of new features as well as more language support, so that Bearer can become everyone’s go-to code security solution.
Just to name a few major features:

- Native integration with GitHub and GitLab
- Diff scanning feature
- PR/MR annotation
- Fingerprinting of findings with "ignore" management
Plus the release of TypeScript, Java, and PHP support, as well as an early alpha release for both Go and Python. More on our language coverage here: https://docs.bearer.com/reference/supported-languages/.
Everything mentioned here is still completely free to use! In addition to Bearer CLI, we’ve also released a SaaS companion dashboard, Bearer Cloud, mostly intended for AppSec teams, that provides a nice UI and workflow features to better act on security findings (more here: https://www.bearer.com/bearer-cloud).
Our philosophy remains the same as on day 1: to provide a solution that just works out of the box for everyone, with a great DX, a good level of risk and security coverage (OWASP Top 10, CWE Top 25), and the ability to customize everything if need be.
We would love for you to give it a try (30 seconds to install, 2 minutes to scan), and tell us everything we could improve! Thank you.