IAST&SAST项目篇&CodeQL拓展&火线洞态&Agent部署&DevSecOps
#SAST-CodeQL&CodeQLpy-JAVA
测评:若依系统&Tmall商城
在官方规则引擎下升级Java检测
https://github.com/webraybtl/codeQlpy
1、安装Python依赖
2、安装JDK8&11,Maven
3、修改配置文件路径指向
#IAST-火线洞态-Agent&IDEA-JAVA
参考:https://doc.dongtai.io/docs/introduction
测评:若依系统&Tmall商城
1、环境搭建:
Ubuntu 18.04
apt update
apt install docker.io
cp docker-compose /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
修改配置文件,填入SCA-Token后直接拉取
cd DongTai/deploy/docker-compose/
./dtctl install -v 1.9.1
2、Agent部署:
-IDEA插件
https://github.com/HXSecurity/DongTai-Plugin-IDEA/releases
https://doc.dongtai.io/docs/getting-started/agent/plugin/java-agent-idea
-Agent部署
netstat -ano | findstr xxxx
https://doc.dongtai.io/docs/category/agent-%E5%AE%89%E8%A3%85%E6%8C%87%E5%8D%97
