New
You can now integrate Bearer directly in your CI/CD pipeline with a GitHub Action (see documentation).
Thus you can use Bearer without creating and managing a Personal Access Token.
Continuous Code Scanning
New
Bearer now automatically scans your codebase once a week to update your inventory of engineering components.
You can customize the frequency at which Bearer scans your codebase (once a day, once a week, once a month).
Bearer performs diff-aware scans so you can focus on risks in recent code changes.
Broker Update
Improvement
A new version of the Broker is available with:
- Better support for detections in markup files (HTML, PHP, ERB, ASPX, Jupiter notebook, etc.).
- Overall improved domain detection and classification.
- Detection of data types for OpenAPI, GraphQL, Protobuf and SQL files
- Experimental detection of internal API paths.
- Improved error handling and memory usage.
To update the Broker please run docker pull bearersh/broker:latest
Introducing: Bearer Inventory
New
Scan your codebase
Bearer integrates with GitHub and GitLab and scans your code repositories to discover connected engineering components including databases, internal & external APIs, and message buses.
We support the following languages: Ruby, Javascript, Python, PHP, Go, Java and C#.
Build your inventory
Enrich your inventory with sensitive data flows and security controls.
If needed you can collect such information from your engineering team via light-touch questionnaires embedded in GitHub / GitLab.
