Security & Performance Tools
HashSecured supports multiple tools across different phases of the pipeline. Each tool is mapped to its intended usage.
Tools by Phase
| Phase | Tools |
|---|---|
| Pre-phase (Code & IaC) | semgrep, gitleaks, checkov, trufflehog, trivyfs, kubesec |
| Mid-phase (Container Images) | trivyimage, grype |
| Post-phase (Deployment) | zap, nuclei |
Usage Notes
- Tools are referenced by their lowercase names (e.g.,
semgrep, notSemgrep). - By default, the platform automatically picks the right set of tools for each phase.
- You can override this behavior by passing the
toolsparameter in your pipeline configuration (comma-separated list).
Example (GitLab):
TOOLS: "semgrep,gitleaks"Example (GitHub):
tools: "semgrep,gitleaks"