Welcome
Welcome to the Zirkul DevSecOps and AppSec management documentation site.
Zirkul is a platform designed for DevSecOps (application security scanning automation) and Application Security program management.
AppSec Management
Zirkul can be used to:
Track all your managed assets in a single place, from Web Apps, Mobile Apps and Servers to IP ranges or anything else you want to track security testing for.
Manage all security testing activities in a single place, including pentests, DAST, SAST, SCA and network scans, whether you scan internally or through third parties.
Manage vulnerabilities with a workflow designed for Agile teams: assign issues, request retests, raise exceptions, challenge false positives, ask questions, add comments, get remediation guidance, attach evidence and more.
Segment access with groups.
Apply fully granular user roles and permissions.
Generate metrics by exporting data in Excel format, so you can answer questions such as:
How many pentests have been completed this year?
How many open vulnerabilities do we have, broken down by country or business unit?
Is App X in compliance with no Critical or High open vulnerabilities?
Which Apps have not completed a SAST or DAST scan this year?
DevSecOps / CICD
Zirkul is designed to work with all CICD processes and provides several ways to integrate with them.
You can launch scans from CICD pipelines by:
Making a webhook call.
Using our portable agent for scanning within the internal network.
Requesting scans to be executed in the Cloud.
In the next sections you will find examples of running scans from some popular platforms.
If you have any questions, please contact support@zirkul.com