Bearer CLI
Welcome to the Bearer CLI documentation. Bearer CLI is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security and privacy risks.
The CLI provides built-in rules that check against a common set of security risks and vulnerabilities, known as OWASP Top 10, and privacy risks. Here are some practical examples of what those rules look for:
- Non-filtered user input (sql injection, path traversal, etc.)
- Leakage of sensitive data through cookies, internal loggers, third-party logging services, and into analytics environments.
- Usage of weak encryption libraries or misusage of encryption algorithms.
- Unencrypted incoming and outgoing communication (HTTP, FTP, SMTP) of sensitive data.
- Hard-coded secrets and tokens.
And many more.
Bearer CLI currently supports JavaScript / TypeScript and Ruby stacks, and more will follow.
Want a quick rundown? Here's a minute and a half of what you can expect from Bearer CLI:
Getting started
New to Bearer CLI? Check out the quickstart to scan your first project.
Ready to dive in? Bearer CLI's scanners and reports are your path to analyzing security risks and vulnerabilities in your application. Check the command reference to configure Bearer CLI to your needs.
Guides
Guides help you make the most of Bearer CLI so you can get up and running quickly.
Explanations
Explanations dive into the rational behind Bearer CLI and explain some of its heavier concepts.
- How Bearer CLI works
- Bearer CLI's scanner types
- Bearer CLI's report types
- How Bearer CLI discovers and classifies data
- How Bearer CLI sets severity levels
Reference
Reference documents are where you'll find detailed information about each command, as well as support charges for languages, rules, datatypes, and more.
Contributing
We'd love to see the impact you can bring to Bearer CLI. Our contributing documentation will help get you started, whether you want to dive deep into the code or simply fix a typo.
- Get started contributing to Bearer CLI
- Set up Bearer CLI locally to contribute code
- Help improve and apply fixes to the documentation
- Add new recipes to Bearer CLI's database
Ready to take the next step? Join the Bearer Cloud waitlist.