Using Bearer to scan your code for Privacy risks
Did you know that Bearer offers the ability to automatically compile the privacy information Legal teams need from Security and Engineering teams?
Did you know that Bearer offers the ability to automatically compile the privacy information Legal teams need from Security and Engineering teams?
When we started to build Bearer, we wanted to understand how to validate the quality of our findings and be able to benchmark it. Code security scanning solutions are notorious for reporting a lot of false positives and other deficiencies, and even though we believed we could do much better, we needed a way to prove it. In Java, there is an OWASP project, BenchmarkJava, which makes it easy to compare the output of two software security solutions.
Previously, we talked about the first phase of our battle testing process. If you haven’t already, give it a read for background on this article. After Bearer CLI proved itself solid against a variety of real-world projects, it was time to take things to the next level and compare the quality of results over time, and against the results of other static application security testing (SAST) tools.
Since we announced version 1.3 of Bearer CLI in early April, the team has been working relentlessly to make major movements and ship amazing new features. Before you read it all, we advise you to update to the latest version in the background 🙂, that way you can start exploring all right after finishing this article!