StarShip SecScan
StarShip SecScan is a new-generation intelligent software security solution that uses large AI models to analyze software code in depth and accurately identify potential security threats and vulnerabilities. It revolutionizes the traditional vulnerability scanning paradigm, making it more precise, comprehensive, and efficient.
StarShip SecScan Features
1. Source Code Vulnerability Scan
StarShip SecScan can perform a security scan on a project's source code or on specific code changes. It points out the exact line or fragment where a potential problem lies, reports its severity level, and, most importantly, provides remediation suggestions for detected issues. Comprehensive scanning and remediation advice enable development teams to quickly identify and fix security flaws, enhancing the software's security performance.
2. Third-party Dependency Security Scan
StarShip SecScan can scan third-party packages introduced by projects or specific code changes. If security vulnerabilities are found, SecScan will provide a detailed description of the issue and suggestions for upgrades.
3. IDE Vulnerability Scanning
StarShip SecScan integrates security scanning capabilities into mainstream IDEs (Integrated Development Environments), allowing developers to flexibly select scanning targets such as individual files, specific folders, or the entire project codebase in the early stages of software development. For individual file scans, StarShip SecScan can return results instantly; for folder or project scans, a scan report is presented in the IDE upon completion.
4. Formal Security Reports
StarShip SecScan supports presenting scan results in Markdown format directly in code merge requests (MRs), or exporting complete reports in PDF or JSON format. Reports present issues in order of verification level, including problem descriptions, severity levels, and remediation recommendations.