Set up your pipelines to detect security vulnerabilities automatically using Security Testing Orchestration.
Run scans and ingest data
Learn about the three high-level workflows for running scans and ingesting results: orchestration, extraction, and ingestion.
Learn how to scan an object and ingest the results automatically in one step.
Learn how to run scans in a separate step, or outside Harness entirely, and ingest the results.
Configure external scanners
STO includes integrations with over 30 external tools for scanning repositories, container images, applications, and configurations.
Ingest data from custom scanners
You can ingest custom Issues from any scanning tool. This topic shows you how.
View, troubleshoot, and fix vulnerabilities
View issues in target baselines over time
See all detected issues in your main branches, latest images, and other target baselines.
Create Jira tickets for detected issues
You can easily create Jira tickets for issues detected during an STO build.
Navigate and drill down into detected vulnerabilities
The Security Testing Dashboard enables you to view, navigate, discover, and investigate detected vulnerabilities in your organization.
Stop builds based on detected vulnerabilities
Create a standalone STO pipeline
Set up a pipeline with one scanner, run scans, analyze the results, and learn the key features of STO.
Deploy a Helm Chart using CD Community Edition
Add a scan step to a CI pipeline and set up the pipeline to fail if a scan finds any show-stopper vulnerabilities.