bearer
Scan your source code against top security and privacy risks.
Bearer CLI is a static application security testing (SAST) tool that scans your source code and analyzes its data flows to discover, filter and prioritize security and privacy risks. It currently supports JavaScript/TypeScript, Ruby, PHP, Java, Go and Python.
It finds security risks and vulnerabilities using built-in rules that cover the OWASP Top 10 and the CWE Top 25, for example:
- A01: Broken Access Control (e.g. Path Traversal, Open Redirect, Exposure of Sensitive Information).
- A02: Cryptographic Failures (e.g. Weak Algorithm, Insecure Communication).
- A03: Injection (e.g. SQL Injection, Improper Input Validation, XSS, XPath Injection).
- A04: Insecure Design (e.g. Missing Encryption of Sensitive Data, Persistent Cookies Containing Sensitive Information).
- A05: Security Misconfiguration (e.g. Cleartext Storage of Sensitive Information in a Cookie or JWT).
- A07: Identification and Authentication Failures (e.g. Use of Hard-coded Password, Improper Certificate Validation).
- A08: Software and Data Integrity Failures (e.g. Deserialization of Untrusted Data).
- A09: Security Logging and Monitoring Failures (e.g. Insertion of Sensitive Information into Log File).
- A10: Server-Side Request Forgery (SSRF).
It also finds privacy risks by detecting flows of sensitive data (PII, PHI) through your app and the components that process it (e.g. databases such as PostgreSQL, third-party APIs such as OpenAI and Sentry). The resulting privacy report provides input for:
- Privacy Impact Assessment (PIA).
- Data Protection Impact Assessment (DPIA).
- Records of Processing Activities (RoPA) for GDPR compliance reporting.
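A practical way to check what a SAST rule set of this kind actually reports is to scan a small fixture that contains known-bad code next to its hardened form. The following is an added, constructed Python fixture written for this page; it is not Bearer's own code or test data, and it makes no claim about which rule IDs or severities Bearer assigns. It covers two of the classes listed above, SQL injection (A03) and sensitive information in a log file (A09), together with the PII flow (email, SSN) that a privacy report would track. Every name, table and row in it is invented for the example.

```python
# Constructed fixture (not Bearer's code): weak form beside hardened form for
# SQL injection and PII-in-logs, so a scanner run can be checked against
# code whose behaviour is known.
import logging
import sqlite3

logger = logging.getLogger("fixture")


def setup_db():
    """In-memory SQLite with two constructed rows of PII (email, SSN)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, email TEXT, ssn TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice@example.com", "123-45-6789"),
         (2, "bob@example.com", "987-65-4321")],
    )
    return conn


# A03 Injection: untrusted input concatenated into SQL.
def find_user_vulnerable(conn, email):
    # The parameter flows unmodified into the execute() sink, which is the
    # source-to-sink pattern an injection rule looks for.
    query = "SELECT id, email FROM users WHERE email = '" + email + "'"
    return conn.execute(query).fetchall()


# Hardened form: the driver binds the value; it never becomes SQL syntax.
def find_user_safe(conn, email):
    return conn.execute(
        "SELECT id, email FROM users WHERE email = ?", (email,)
    ).fetchall()


def mask_email(email):
    """Keep the first character and the domain: alice@example.com -> a***@example.com."""
    local, sep, domain = email.partition("@")
    if not sep or not local:
        return "***"
    return local[0] + "***@" + domain


# A09 Logging failure: a full email and a government identifier are logged.
def login_event_vulnerable(email, ssn):
    msg = "login ok user=%s ssn=%s" % (email, ssn)
    logger.info(msg)
    return msg  # returned so the fixture can assert on what was logged


# Hardened form: log a masked identifier and never the SSN.
def login_event_safe(email):
    msg = "login ok user=%s" % mask_email(email)
    logger.info(msg)
    return msg


if __name__ == "__main__":
    db = setup_db()
    payload = "' OR '1'='1"  # classic tautology; constructed attacker input
    print("vulnerable:", find_user_vulnerable(db, payload))  # both rows leak
    print("safe:      ", find_user_safe(db, payload))        # no match
    print(login_event_vulnerable("alice@example.com", "123-45-6789"))
    print(login_event_safe("alice@example.com"))
```

Running the file shows the injection succeeding against the concatenated query and failing against the bound one, and shows the SSN present in one log line and absent from the other. Point the scanner at the directory containing the file (for example with `bearer scan`) and compare its findings against those four functions: the two weak ones should be reported, the two hardened ones should not, and the email and SSN values should show up in the data-flow side of the report.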